URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Submission: On December 01 via api from GB — Scanned from GB

Summary

This website contacted 26 IPs in 5 countries across 19 domains to perform 149 HTTP transactions. The main IP is 2606:4700:3034::ac43:a5ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is gbhackers.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2021. Valid for: a year.
This is the only time gbhackers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 36 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
9 9 192.0.77.2 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:fa87:fff... 2635 (AUTOMATTIC)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 192.0.76.3 2635 (AUTOMATTIC)
14 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.130 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.0.78.33 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.75.88.209 16625 (AKAMAI-AS)
1 2a03:2880:f05... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 192.0.77.32 2635 (AUTOMATTIC)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 192.0.78.22 2635 (AUTOMATTIC)
149 26
Domain Requested by
24 gbhackers.com gbhackers.com
23 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 fonts.gstatic.com fonts.googleapis.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
13 pagead2.googlesyndication.com gbhackers.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
13 1.bp.blogspot.com gbhackers.com
7 s0.wp.com jetpack.wordpress.com
s0.wp.com
public-api.wordpress.com
5 www.gstatic.com googleads.g.doubleclick.net
5 www.googletagservices.com gbhackers.com
googleads.g.doubleclick.net
4 fonts.googleapis.com gbhackers.com
googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 pixel.wp.com gbhackers.com
3 i0.wp.com 3 redirects
3 i2.wp.com 3 redirects
3 i1.wp.com 3 redirects
2 onesignal.com cdn.onesignal.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.uk pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 cdn.onesignal.com gbhackers.com
cdn.onesignal.com
1 public-api.wordpress.com jetpack.wordpress.com
1 1.gravatar.com jetpack.wordpress.com
1 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 graph.facebook.com gbhackers.com
1 api.pinterest.com gbhackers.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 jetpack.wordpress.com gbhackers.com
1 stats.wp.com gbhackers.com
1 secure.gravatar.com gbhackers.com
1 lh6.googleusercontent.com gbhackers.com
1 lh5.googleusercontent.com gbhackers.com
1 www.googletagmanager.com gbhackers.com
149 34
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-12 -
2022-07-11
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-11-16
2 years crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.wordpress.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-12 -
2022-11-14
2 years crt.sh
*.google.co.uk
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-26 -
2022-08-05
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-09-09 -
2021-12-08
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh

This page contains 17 frames:

Primary Page: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Frame ID: 3B08157AB096A3B634A233F0FD8C3298
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 4826072D65D2B9A89DF4033F4D9852CC
Requests: 1 HTTP requests in this frame

Frame: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=51914&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=84dc9d8a10bd810cfee4280cc2408c06cd72313a
Frame ID: 8FA815E5052D10D503B77DBDA3BE9D2B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Frame ID: 4A18ED2D3BCF5EB7D60290167DD66204
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Frame ID: 96CDA11CFA3704E99FEFC22AE2209CCF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Frame ID: AACD8630B2D397FD70F8DE941E1A40CF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Frame ID: 46CBDEAC5EE4F0D430E4E49BDB48BC1F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7C72BA18CF5B0BD99107C3291AB9B765
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: 4E5348189A83C0EB3D9BA51BB7CA39B5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: 88F73DD683947BE8B046CD77136B2281
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: B52DA15D418DFB0BF6DFE008DE452CCE
Requests: 1 HTTP requests in this frame

Frame: https://public-api.wordpress.com/connect/?googleplus-sign-in=https%3A%2F%2Fjetpack.wordpress.com&color_scheme=light
Frame ID: D033E51B38B61D9B0D24437E652470B3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 06FD9A880610BE85D31EC61A0D196071
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&adk=1812271804&adf=3025194257&lmt=1638339084&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339084209&bpp=1&bdt=2230&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dca98c6367590ee8b-226d32ee1bcc0009%3AT%3D1638339083%3ART%3D1638339083%3AS%3DALNI_MaywBYGuMCC0W1vAFnZTPUw0SctxA&prev_fmts=696x280%2C300x250%2C300x250&prev_slotnames=3739790355&nras=1&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&psts=AGkb-H_7inL_NN3XlQHICnJPoQ7qBDhcKKIcdTHG1Mtgv_KlgiaIYC5hBMXj4shZ34AFN3t7849t1fN3cEoO&pvsid=1041919069958849&pem=981&tmod=491487009&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=10
Frame ID: A9EED619DB8A36B0EEBBD26DF46818A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: F5B8FE25B1F73D3BE60177360FF7FFA4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D8A919F2A0899E4853A79458194E3BD0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1808381C22685604782EEC4072B4EE98
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

North Korean Hackers Group Posed as Samsung Recruiters To Target Security Firms

Page Statistics

149
Requests

93 %
HTTPS

73 %
IPv6

19
Domains

34
Subdomains

26
IPs

5
Countries

2960 kB
Transfer

6639 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://i1.wp.com/1.bp.blogspot.com/-kV_vaYDONDw/YaUd8m9LDII/AAAAAAAAPWw/HDt80mD0_Xs34fRxaI838lPV5Tdq1F69gCLcBGAsYHQ/s16000/North%2BKorean%2BHacker%2BGroup.png?w=696&ssl=1 HTTP 302
  • https://1.bp.blogspot.com/-kV_vaYDONDw/YaUd8m9LDII/AAAAAAAAPWw/HDt80mD0_Xs34fRxaI838lPV5Tdq1F69gCLcBGAsYHQ/s16000/North+Korean+Hacker+Group.png
Request Chain 23
  • https://i2.wp.com/1.bp.blogspot.com/--oHNYgHF3sg/YaT2ZOllacI/AAAAAAAAPWo/YxW05xgS9Jg06vZrZgqrug9vYBvIZmiAwCLcBGAsYHQ/s16000/E-Commerce.jpg?ssl=1 HTTP 302
  • https://1.bp.blogspot.com/--oHNYgHF3sg/YaT2ZOllacI/AAAAAAAAPWo/YxW05xgS9Jg06vZrZgqrug9vYBvIZmiAwCLcBGAsYHQ/s16000/E-Commerce.jpg
Request Chain 24
  • https://i0.wp.com/1.bp.blogspot.com/-fqHINAHbPR0/YaDLDIP0HwI/AAAAAAAAPVU/ZJqjljOiVJMO7bYEByrlGDsLqPla9Y9WgCLcBGAsYHQ/s16000/9%2BMillion%2BAndroid%2BPhones%2BRunning%2BMalware%2BApps%2BThat%2BDownloaded%2Bfrom%2BHuawei%2527s%2BAppGallery.png?ssl=1 HTTP 302
  • https://1.bp.blogspot.com/-fqHINAHbPR0/YaDLDIP0HwI/AAAAAAAAPVU/ZJqjljOiVJMO7bYEByrlGDsLqPla9Y9WgCLcBGAsYHQ/s16000/9+Million+Android+Phones+Running+Malware+Apps+That+Downloaded+from+Huawei%27s+AppGallery.png
Request Chain 25
  • https://i2.wp.com/1.bp.blogspot.com/-vZUHDti3ec4/YZvIJ6f9KMI/AAAAAAAAPUA/cwytJi0Nbd01fxfyWeheZc8ER8ygv1umACLcBGAsYHQ/s16000/AI%2BSecurity.jpeg?ssl=1 HTTP 302
  • https://1.bp.blogspot.com/-vZUHDti3ec4/YZvIJ6f9KMI/AAAAAAAAPUA/cwytJi0Nbd01fxfyWeheZc8ER8ygv1umACLcBGAsYHQ/s16000/AI+Security.jpeg
Request Chain 30
  • https://i0.wp.com/1.bp.blogspot.com/-fqr4z63PEOE/YYUIdQ_Qk4I/AAAAAAAAPNE/KeIs31G3hV4D1RkU2jjWsNB0JfOngCs7wCLcBGAsYHQ/s16000/soc%2Bas%2Ba%2Bservice%2B%25281%2529.png?ssl=1 HTTP 302
  • https://1.bp.blogspot.com/-fqr4z63PEOE/YYUIdQ_Qk4I/AAAAAAAAPNE/KeIs31G3hV4D1RkU2jjWsNB0JfOngCs7wCLcBGAsYHQ/s16000/soc+as+a+service+%281%29.png
Request Chain 31
  • https://i1.wp.com/1.bp.blogspot.com/-75WwKXwlvHo/YYLdziYU-SI/AAAAAAAAPMk/xNnXPPku1TI7LNOWK2W56-J6ssXiJsL2QCLcBGAsYHQ/s16000/IP%2BGIO%2BLOCATION.PNG?ssl=1 HTTP 302
  • https://1.bp.blogspot.com/-75WwKXwlvHo/YYLdziYU-SI/AAAAAAAAPMk/xNnXPPku1TI7LNOWK2W56-J6ssXiJsL2QCLcBGAsYHQ/s16000/IP+GIO+LOCATION.PNG
Request Chain 32
  • https://i1.wp.com/1.bp.blogspot.com/-AnCQsfd5xB4/XR-rjbPavnI/AAAAAAAACtM/Zc-fYuH31JMNsEUd17_mKlN03V8KrcwSgCLcBGAs/s1600/Linux-VPS.jpg?ssl=1 HTTP 302
  • https://1.bp.blogspot.com/-AnCQsfd5xB4/XR-rjbPavnI/AAAAAAAACtM/Zc-fYuH31JMNsEUd17_mKlN03V8KrcwSgCLcBGAs/s1600/Linux-VPS.jpg
Request Chain 33
  • https://i2.wp.com/1.bp.blogspot.com/-tqtVXm6JNJQ/XTyRNuRRR9I/AAAAAAAADSo/qVet8cnwiNUC7y5udVsd6RGtv9wM7Ut6ACLcBGAs/s1600/active%2Bdirectory%2Bpenetration%2BTesting.jpg?ssl=1 HTTP 302
  • https://1.bp.blogspot.com/-tqtVXm6JNJQ/XTyRNuRRR9I/AAAAAAAADSo/qVet8cnwiNUC7y5udVsd6RGtv9wM7Ut6ACLcBGAs/s1600/active+directory+penetration+Testing.jpg
Request Chain 34
  • https://i0.wp.com/1.bp.blogspot.com/-r5_7z5UdCjQ/YV7nO1S0_fI/AAAAAAAAO_s/Q2ztigMSx9sDDX5gdw_thRVl37vbJU-vACLcBGAsYHQ/s16000/Apache%2B0-Days%2BBug.png?ssl=1 HTTP 302
  • https://1.bp.blogspot.com/-r5_7z5UdCjQ/YV7nO1S0_fI/AAAAAAAAO_s/Q2ztigMSx9sDDX5gdw_thRVl37vbJU-vACLcBGAsYHQ/s16000/Apache+0-Days+Bug.png
Request Chain 85
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3mNe39wEQkAEYkAEyCHRL-Hucl-M4 HTTP 301
  • https://tpc.googlesyndication.com/simgad/11676170405747505892
Request Chain 120
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 140
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

149 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
131 KB
29 KB
Document
General
Full URL
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a42bf5f2a09874e30d1a3027977dd07bc20e1abca1a35884e48fcb06299c473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-type
text/html; charset=UTF-8
x-pingback
https://gbhackers.com/xmlrpc.php
x-mod-pagespeed
1.13.35.2-0
cache-control
max-age=0, no-cache, must-revalidate
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-varnish
3474788
age
0
x-cache
MISS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hw32pR%2FkM1PusvQK%2BfgF9P3%2BiaclxOwmIc7bmqKYE9n2OZATvh7zC9OwvfJGjjlclxS9L5drpoVHROdlsQ20%2FZ95AWWme%2FRkX%2FZo1AcHVKvPg2Tdvdpr0K8vj6sz0rCQsUCZgfj4%2BgyE1kAI"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b6a285ec88559e3-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
gbhackers.com/wp-includes/css/dist/block-library/
52 KB
8 KB
Stylesheet
General
Full URL
https://gbhackers.com/wp-includes/css/dist/block-library/style.min.css?ver=4cc0e90e607ad87706fb34633047a82d
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96a2fc04e5f82d1b6fed397c6954cecd40fbb8383d422a4d39f3ab7d0687693a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
53593
age
266948
cf-ray
6b6a28620e3f59e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-_93gOJAMuK"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uN2gJj32oHudgwyejDmcSGu3w49k7r31v41n%2FAEY17BjAG7%2B84ALmw9OcIgHXAyqoRM0j%2FbTTfSOyjI4WCErQbt34RO1uKmRNwEKU8q2oTUY8lOtp53RpbLzTl5ICU6WSCeBU%2B7Ja84T%2FoaA"}],"group":"cf-nel","max_age":604800}
x-varnish
26086619
vary
Accept-Encoding
cache-control
public, max-age=2591498
content-type
text/css
expires
Sat, 04 Dec 2021 11:06:25 GMT
email-subscribers-public.css
gbhackers.com/wp-content/plugins/email-subscribers/lite/public/css/
1 KB
967 B
Stylesheet
General
Full URL
https://gbhackers.com/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=4.4.4
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d22757b5d6d70bb4a66040eb6ba44389922a08c588e4e46f14ec141e028540
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
1822
age
1246311
cf-polished
origSize=1300
cf-ray
6b6a28620e4059e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"PSA-aj-P_IhAR--LJ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpkQUM0bMb8m%2BqgSLx02U6Bi8Ai5UZbG1jH2ZiHyG3HIb1hjIT5kP%2BCbDIqeMxyHC1KinK3naGZE7zrN82Onu8T%2FoWdjsqDaLbyqbbQLj3wQsZ4bhpWIOpD9vEqpqMCWqskBr32g%2BkY4%2B%2FG1"}],"group":"cf-nel","max_age":604800}
x-varnish
73574993
vary
Accept-Encoding
cache-control
public, max-age=2591767
content-type
text/css
expires
Sat, 04 Dec 2021 11:06:25 GMT
css
fonts.googleapis.com/
30 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79b93ce1d5b919bd7d6c3b5f59a0533837ad6ee414edd0322f1f481b69375996
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 05:49:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 06:11:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Dec 2021 06:11:22 GMT
default.min.css
gbhackers.com/wp-content/plugins/tablepress/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://gbhackers.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.11
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6a28620e4459e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 14 Apr 2020 02:59:37 GMT
server
cloudflare
etag
W/"322034-13e4-5a33763e180f0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBT1i2loH3TIR22eaucCORU4p6499lnEqIexC1ETpddxtm%2F4rsFNxsha1iSVc8Bzu%2Bzq0kkUMuIefBV6g86TloY1tttzh5d9nQieJ89Vhlz7%2BmFSfv2wIwMRW%2BSycAbBVjSqKRi6Gx%2FGg9AW"}],"group":"cf-nel","max_age":604800}
x-varnish
75524959
cache-control
public, max-age=2592000, s-maxage=10
content-type
text/css
expires
Wed, 02 Feb 2022 11:06:25 GMT
js_composer.min.css
gbhackers.com/wp-content/plugins/js_composer/assets/css/
474 KB
46 KB
Stylesheet
General
Full URL
https://gbhackers.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.2
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b5aaa9e0ebee58b5994d83379b096ec993976d68ddba4a4fb0d53f4cd8ce24
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
481374
age
1296734
cf-ray
6b6a28620e4659e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-FSZdArOxHz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZW2jHUMSJpC%2FFm6kMcJGFTUuNISErkoGyjGJIQWRKaZxNg8BEfwW7orpjup39LSmqcIx6xr%2FPY7IwbrZdPVFnizVh%2F0Zh6UmZ25maoy1UDSvCxXyYPjON%2BI%2FoYMNRW%2Blz%2FE7%2Bs7udWqPgaa"}],"group":"cf-nel","max_age":604800}
x-varnish
54209607
vary
Accept-Encoding
cache-control
public, max-age=2542925
content-type
text/css
expires
Fri, 03 Dec 2021 21:39:25 GMT
style.css
gbhackers.com/wp-content/themes/Newspaper/
859 KB
95 KB
Stylesheet
General
Full URL
https://gbhackers.com/wp-content/themes/Newspaper/style.css?ver=8.5.1
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1c9310b4e7ce78149bfc5a27a511c73fe3b83f1345bafb62d7a94f484e2151
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
1112087
age
434324
cf-polished
origSize=884995
cf-ray
6b6a28620e4959e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"PSA-aj-pulD_dW8Vv"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2F3AvKz%2BObxhv%2FIOEqizTT3R8UqL8V%2Fx%2BZUDqdgUedSzIZO18UhCpdCADByMKX1VxD83nkVa9VmbCvt5IXZhDZYCkbTkf%2FcZMjjbNyUApBIrAp2VmB4y%2BpEMPr8J10VjIXyfVr0mWOZR%2FlKj"}],"group":"cf-nel","max_age":604800}
x-varnish
65020426
vary
Accept-Encoding
cache-control
public, max-age=2590566
content-type
text/css
expires
Sat, 04 Dec 2021 11:06:25 GMT
demo_style.css
gbhackers.com/wp-content/themes/Newspaper/includes/demos/sport/
284 B
521 B
Stylesheet
General
Full URL
https://gbhackers.com/wp-content/themes/Newspaper/includes/demos/sport/demo_style.css?ver=8.5.1
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033ac4de550c02006f3ad635fab1d85fe4c08179481725a25c14862b503a1912
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
544
age
1251154
cf-ray
6b6a28620e4a59e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"PSA-aj-67kD1uWlVx"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inV9bpaI%2FxyiYmYQj%2FI5j5t8k7C3Ndb6Lk3Ujz%2F3ONnxsx3MwO%2BZRA4KD8zIL5%2BLcd9yzAE4JDQL7rOWdFlordGPkNbFlki36oZJDCMZTwPgji7YaDhU7nBlSQ6o2OX1FP58f2Zjv%2FVeJF5L"}],"group":"cf-nel","max_age":604800}
x-varnish
77410115
vary
Accept-Encoding
cache-control
public, max-age=2591416
content-type
text/css
expires
Sat, 04 Dec 2021 11:06:25 GMT
social-logos.min.css
gbhackers.com/wp-content/plugins/jetpack/_inc/social-logos/
26 KB
19 KB
Stylesheet
General
Full URL
https://gbhackers.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e1ced1bd0736a56a0c44fd7b3bf8134850398ecddd52a0f5e6e437c5d527999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6a28620e4b59e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 04 Jun 2021 06:55:32 GMT
server
cloudflare
etag
W/"fe3c7-6866-5c3eb2d8c8621-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQHqPCXT9hYJwPlI886WRuA9EjvKczYzXdp8h2YSKjHRxOmoSMrG1yUyifHYqtLcwfkGh2PTUg33P7Uzzl8TghfDrs1ZO2uXgxSJDXBq1HSAD%2FATF1cfhpmoHDXMXsN5I54SLywMTBfDeZbg"}],"group":"cf-nel","max_age":604800}
x-varnish
75524965
cache-control
public, max-age=2592000, s-maxage=10
content-type
text/css
expires
Wed, 02 Feb 2022 11:06:25 GMT
jetpack.css
gbhackers.com/wp-content/plugins/jetpack/css/
73 KB
14 KB
Stylesheet
General
Full URL
https://gbhackers.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.4.3
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b7cc57cec37ddd48856f6328f6f2b8798cc22fd3fb37eae4227c05fa1e8453
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
74081
age
2097045
cf-polished
origSize=74499
cf-ray
6b6a28620e4d59e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"PSA-aj-7sCfve8p-d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiAsxBjGb18z66XWcnoKpQgYm0PrXoCeITuyj1OU9Cgz6xSccfKnwoGLiJSk3InpYJHL95To0BBgXVlfEyb0mPJ4qK9IrMIndwUeDrEL6VcbV0dIAPwxDUkWdlJpmZopX%2FzwRbuoFJzuFnea"}],"group":"cf-nel","max_age":604800}
x-varnish
65559603
vary
Accept-Encoding
cache-control
public, max-age=2582219
content-type
text/css
expires
Sat, 04 Dec 2021 08:26:19 GMT
jquery.js
gbhackers.com/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://gbhackers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
96873
age
676469
cf-ray
6b6a28621e4f59e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"PSA-aj-gp20iU5FlU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LarFhf79ulWR8fR%2BsNxzWyigma%2FuHKD11i68ALs6XITidkPUGb9UZ2njYwwvb4%2FoxfWCA8dsdQBVQP9AlGCpOwXB939jMASZnl%2FpAQZEbhLDHeNnw7njH9UmmufSAc%2BVywaD8QZtSaS99owb"}],"group":"cf-nel","max_age":604800}
x-varnish
24595303
vary
Accept-Encoding
cache-control
public, max-age=2591771
content-type
application/javascript
expires
Sat, 04 Dec 2021 11:06:25 GMT
jquery-migrate.min.js
gbhackers.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://gbhackers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
10056
age
1012296
cf-ray
6b6a28621e5159e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-C2obERNcWh"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8MNhDmI%2BxpFSl1OtfVXvYWXCMhIROyo64Gcqk5fNVMEJM1miGd59fW8ee0EwlwL%2BLxVEYXu4ZZETxQjkO%2B8Qukg%2Bc3nuV0%2FGRWe8oTjAUlWaIhseQSUajCMCMLjKqxJgSbR8RUT0CcehnuG"}],"group":"cf-nel","max_age":604800}
x-varnish
1607318
vary
Accept-Encoding
cache-control
public, max-age=2591725
content-type
application/javascript
expires
Sat, 04 Dec 2021 11:06:25 GMT
email-subscribers-public.js
gbhackers.com/wp-content/plugins/email-subscribers/lite/public/js/
2 KB
1 KB
Script
General
Full URL
https://gbhackers.com/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=4.4.4
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fbe809775a3a3199624d023fb474484d89b9a4c48f1585f1eac8dbb53b5b9be
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
3544
age
1249330
cf-ray
6b6a28622e8159e3-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"PSA-aj-SZWxqyGU4m"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S74g20HF9r1ZOsPcAh2OEsVjs8t%2BWZuVzRlXpfbzQ2YqxYdaZkgcNrK%2Ffemy6FwnBJ55Srx%2BfNf8ZyW4gwRATXTXHypnLz5o5k%2BXRjVhjOqCnS5W9zWsobKRwpXeU%2FkA%2Fh21JQ%2BcoCIS1KoE"}],"group":"cf-nel","max_age":604800}
x-varnish
75525085
vary
Accept-Encoding
cache-control
public, max-age=2591690
content-type
application/javascript
expires
Sat, 04 Dec 2021 11:06:25 GMT
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-88811382-1
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
267b5e73969341bb850be55e11839241613a9dc7869e495bf1bd4852785577b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36144
x-xss-protection
0
expires
Wed, 01 Dec 2021 06:11:22 GMT
gpt.js
www.googletagservices.com/tag/js/
78 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97f70b4714f5968860f119005de6eebbc73c92c9e85977f0335212f01de645d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1060 / 123 of 1000 / last-modified: 1638314106"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26851
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Dec 2021 06:11:22 GMT
wp-emoji-release.min.js
gbhackers.com/wp-includes/js/
13 KB
5 KB
Script
General
Full URL
https://gbhackers.com/wp-includes/js/wp-emoji-release.min.js?ver=4cc0e90e607ad87706fb34633047a82d
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1820ff4e7bde396510b5a0f38900029400a051e4a11d960646cca97d4e7445f0
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
13901
age
1001325
cf-ray
6b6a2863cacf374c-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-n7WRPF4oRE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGlEDl2bXnWe4nrYlDycB40h5qDONA2x68VBGoAQUDmKEAdTOBcAdDu0ikDJAO39FqiPEvDo7rgIbFexpvlah5BxWeNLdtPr9quJsw95qMAkw7Rzl1VdYAJJauGSN%2FiQz3nK%2BVlGd%2Fr7XQvO"}],"group":"cf-nel","max_age":604800}
x-varnish
47221115
vary
Accept-Encoding
cache-control
public, max-age=2591822
content-type
application/javascript
expires
Sat, 04 Dec 2021 11:06:24 GMT
Indusface%2BBanner.png
1.bp.blogspot.com/-oja8yoZ7NJc/YaRzpwYNwXI/AAAAAAAAPWQ/-a7T6XDWgugdG1BqaGy4WXvPBgtqvdYOwCLcBGAsYHQ/s16000/
26 KB
26 KB
Image
General
Full URL
https://1.bp.blogspot.com/-oja8yoZ7NJc/YaRzpwYNwXI/AAAAAAAAPWQ/-a7T6XDWgugdG1BqaGy4WXvPBgtqvdYOwCLcBGAsYHQ/s16000/Indusface%2BBanner.png
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bf93a0c21fa2d37a5c7e1075b2f3b65de111e7504bd6372112609ba80ed6b6c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 04:42:21 GMT
x-content-type-options
nosniff
age
5341
content-disposition
inline;filename="Indusface Banner.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26295
x-xss-protection
0
server
fife
etag
"v3d65"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Nov 2021 06:36:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6165a91e6dd0a5d9e581fbf34e8135b20c5b1c3955566758943ae88709ca5461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51249
x-xss-protection
0
server
cafe
etag
13589003419677224270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 06:11:22 GMT
North+Korean+Hacker+Group.png
1.bp.blogspot.com/-kV_vaYDONDw/YaUd8m9LDII/AAAAAAAAPWw/HDt80mD0_Xs34fRxaI838lPV5Tdq1F69gCLcBGAsYHQ/s16000/
Redirect Chain
  • https://i1.wp.com/1.bp.blogspot.com/-kV_vaYDONDw/YaUd8m9LDII/AAAAAAAAPWw/HDt80mD0_Xs34fRxaI838lPV5Tdq1F69gCLcBGAsYHQ/s16000/North%2BKorean%2BHacker%2BGroup.png?w=696&ssl=1
  • https://1.bp.blogspot.com/-kV_vaYDONDw/YaUd8m9LDII/AAAAAAAAPWw/HDt80mD0_Xs34fRxaI838lPV5Tdq1F69gCLcBGAsYHQ/s16000/North+Korean+Hacker+Group.png
169 KB
169 KB
Image
General
Full URL
https://1.bp.blogspot.com/-kV_vaYDONDw/YaUd8m9LDII/AAAAAAAAPWw/HDt80mD0_Xs34fRxaI838lPV5Tdq1F69gCLcBGAsYHQ/s16000/North+Korean+Hacker+Group.png
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
73810400992edf91b1a73c5d55b37dda7f30487f5957233e783802f1376e3431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="North Korean Hacker Group.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
173180
x-xss-protection
0
server
fife
etag
"v3d6d"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Nov 2021 22:48:26 GMT

Redirect headers

x-nc
EXPIRED lhr 6
date
Wed, 01 Dec 2021 06:11:22 GMT
server
nginx
location
https://1.bp.blogspot.com/-kV_vaYDONDw/YaUd8m9LDII/AAAAAAAAPWw/HDt80mD0_Xs34fRxaI838lPV5Tdq1F69gCLcBGAsYHQ/s16000/North+Korean+Hacker+Group.png
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
show_ads.js
pagead2.googlesyndication.com/pagead/
111 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
826849e486c43832e36c991ca35ad1d43a635df8bacf662860a05fb2b54bc75a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40081
x-xss-protection
0
server
cafe
etag
1017003451579779798
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 06:11:22 GMT
FFfFcSPstpx0_yxva7Z4OGd_eaitiSM5GFSqnE5DyOrvucczxDBdkC47cpWvuDAwwuWIHAXqZA_zwQexumiyCdkAva8O-mbR2h24avN9SBl5eGDYIZrQs_6FjHsuxMdhi3S_VU0A
lh5.googleusercontent.com/
35 KB
35 KB
Image
General
Full URL
https://lh5.googleusercontent.com/FFfFcSPstpx0_yxva7Z4OGd_eaitiSM5GFSqnE5DyOrvucczxDBdkC47cpWvuDAwwuWIHAXqZA_zwQexumiyCdkAva8O-mbR2h24avN9SBl5eGDYIZrQs_6FjHsuxMdhi3S_VU0A
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e9c41c06c765e324b53515b6bfcb3d09b8090a445cb9959f8bc6edb4bac5e279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="GT 1.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35918
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Nov 2021 18:55:39 GMT
nYqf11bewai3ysiSt8UlU9Zba4Lz2zRIW0a0n4P6Pfp1oALDSc85Vtb4Zi7l8-5ttpZFbwEVpvgFowNDSlsNYjfm2ek-AAB-TOYPQiF3GjxpNeulXTBmG5AgvVjNbUeiWDgOnX37
lh6.googleusercontent.com/
115 KB
115 KB
Image
General
Full URL
https://lh6.googleusercontent.com/nYqf11bewai3ysiSt8UlU9Zba4Lz2zRIW0a0n4P6Pfp1oALDSc85Vtb4Zi7l8-5ttpZFbwEVpvgFowNDSlsNYjfm2ek-AAB-TOYPQiF3GjxpNeulXTBmG5AgvVjNbUeiWDgOnX37
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fb67552bcfc3ad02c19511d196121130ceb65536a5754ceb0c1de72d55de0e65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="GT 2.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117439
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Nov 2021 19:10:36 GMT
97da5a61b17f846e5666ba80c29d776e
secure.gravatar.com/avatar/
5 KB
5 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/97da5a61b17f846e5666ba80c29d776e?s=96&d=mm&r=g
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a51e791b4b0e0fc1f924018249a0352ca1eeb587114deb8e215a9d83a73df0d4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT mxp 2
date
Wed, 01 Dec 2021 06:11:22 GMT
last-modified
Thu, 07 Feb 2019 15:03:43 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="97da5a61b17f846e5666ba80c29d776e.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/97da5a61b17f846e5666ba80c29d776e?s=96&d=mm&r=g>; rel="canonical"
content-length
4689
expires
Wed, 01 Dec 2021 06:16:22 GMT
email-decode.min.js
gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Nov 2021 17:32:49 GMT
server
cloudflare
etag
W/"619bd441-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHBoNARSptKr32Gwc6IxqcckBo7CaAROrc7gsPRZn7%2BL%2BbI31yYVDEPQOXfrv%2FY6gpDOOBHpzKIzZVufid8H5h57uHdbygoyUYs4Ai1bj7%2FTeQjjRIwFHVPdkpyDF58xUP6%2F48YHy2QUwSnM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6a2863aa9e374c-MXP
vary
Accept-Encoding
expires
Fri, 03 Dec 2021 06:11:22 GMT
E-Commerce.jpg
1.bp.blogspot.com/--oHNYgHF3sg/YaT2ZOllacI/AAAAAAAAPWo/YxW05xgS9Jg06vZrZgqrug9vYBvIZmiAwCLcBGAsYHQ/s16000/
Redirect Chain
  • https://i2.wp.com/1.bp.blogspot.com/--oHNYgHF3sg/YaT2ZOllacI/AAAAAAAAPWo/YxW05xgS9Jg06vZrZgqrug9vYBvIZmiAwCLcBGAsYHQ/s16000/E-Commerce.jpg?ssl=1
  • https://1.bp.blogspot.com/--oHNYgHF3sg/YaT2ZOllacI/AAAAAAAAPWo/YxW05xgS9Jg06vZrZgqrug9vYBvIZmiAwCLcBGAsYHQ/s16000/E-Commerce.jpg
241 KB
241 KB
Image
General
Full URL
https://1.bp.blogspot.com/--oHNYgHF3sg/YaT2ZOllacI/AAAAAAAAPWo/YxW05xgS9Jg06vZrZgqrug9vYBvIZmiAwCLcBGAsYHQ/s16000/E-Commerce.jpg
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d4946c0a255ce147e3eb1d457c30574262edaacdd20dde4edddeecd925df2303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="E-Commerce.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246723
x-xss-protection
0
server
fife
etag
"v3d6b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 30 Nov 2021 15:55:07 GMT

Redirect headers

x-nc
EXPIRED lhr 8
date
Wed, 01 Dec 2021 06:11:22 GMT
server
nginx
location
https://1.bp.blogspot.com/--oHNYgHF3sg/YaT2ZOllacI/AAAAAAAAPWo/YxW05xgS9Jg06vZrZgqrug9vYBvIZmiAwCLcBGAsYHQ/s16000/E-Commerce.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
9+Million+Android+Phones+Running+Malware+Apps+That+Downloaded+from+Huawei%27s+AppGallery.png
1.bp.blogspot.com/-fqHINAHbPR0/YaDLDIP0HwI/AAAAAAAAPVU/ZJqjljOiVJMO7bYEByrlGDsLqPla9Y9WgCLcBGAsYHQ/s16000/
Redirect Chain
  • https://i0.wp.com/1.bp.blogspot.com/-fqHINAHbPR0/YaDLDIP0HwI/AAAAAAAAPVU/ZJqjljOiVJMO7bYEByrlGDsLqPla9Y9WgCLcBGAsYHQ/s16000/9%2BMillion%2BAndroid%2BPhones%2BRunning%2BMalware%2BApps%2BThat%2BDownlo...
  • https://1.bp.blogspot.com/-fqHINAHbPR0/YaDLDIP0HwI/AAAAAAAAPVU/ZJqjljOiVJMO7bYEByrlGDsLqPla9Y9WgCLcBGAsYHQ/s16000/9+Million+Android+Phones+Running+Malware+Apps+That+Downloaded+from+Huawei%27s+AppGa...
70 KB
70 KB
Image
General
Full URL
https://1.bp.blogspot.com/-fqHINAHbPR0/YaDLDIP0HwI/AAAAAAAAPVU/ZJqjljOiVJMO7bYEByrlGDsLqPla9Y9WgCLcBGAsYHQ/s16000/9+Million+Android+Phones+Running+Malware+Apps+That+Downloaded+from+Huawei%27s+AppGallery.png
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
12eba784fa8f120e1e303f2079ab3ba84ec7ed991fa48c1ecf5b5436e2237745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="9 Million Android Phones Running Malware Apps That Downloaded from Huawei's AppGallery.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71399
x-xss-protection
0
server
fife
etag
"v3d56"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 27 Nov 2021 11:59:07 GMT

Redirect headers

x-nc
EXPIRED lhr 4
date
Wed, 01 Dec 2021 06:11:23 GMT
server
nginx
location
https://1.bp.blogspot.com/-fqHINAHbPR0/YaDLDIP0HwI/AAAAAAAAPVU/ZJqjljOiVJMO7bYEByrlGDsLqPla9Y9WgCLcBGAsYHQ/s16000/9+Million+Android+Phones+Running+Malware+Apps+That+Downloaded+from+Huawei%27s+AppGallery.png
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
AI+Security.jpeg
1.bp.blogspot.com/-vZUHDti3ec4/YZvIJ6f9KMI/AAAAAAAAPUA/cwytJi0Nbd01fxfyWeheZc8ER8ygv1umACLcBGAsYHQ/s16000/
Redirect Chain
  • https://i2.wp.com/1.bp.blogspot.com/-vZUHDti3ec4/YZvIJ6f9KMI/AAAAAAAAPUA/cwytJi0Nbd01fxfyWeheZc8ER8ygv1umACLcBGAsYHQ/s16000/AI%2BSecurity.jpeg?ssl=1
  • https://1.bp.blogspot.com/-vZUHDti3ec4/YZvIJ6f9KMI/AAAAAAAAPUA/cwytJi0Nbd01fxfyWeheZc8ER8ygv1umACLcBGAsYHQ/s16000/AI+Security.jpeg
100 KB
101 KB
Image
General
Full URL
https://1.bp.blogspot.com/-vZUHDti3ec4/YZvIJ6f9KMI/AAAAAAAAPUA/cwytJi0Nbd01fxfyWeheZc8ER8ygv1umACLcBGAsYHQ/s16000/AI+Security.jpeg
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e42034fb34e129b587ca03a87faf4976eb945a259d976cb4d2b6ccf3fd1cd31f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="AI Security.jpeg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102878
x-xss-protection
0
server
fife
etag
"v3d41"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 23 Nov 2021 16:45:08 GMT

Redirect headers

x-nc
EXPIRED lhr 4
date
Wed, 01 Dec 2021 06:11:23 GMT
server
nginx
location
https://1.bp.blogspot.com/-vZUHDti3ec4/YZvIJ6f9KMI/AAAAAAAAPUA/cwytJi0Nbd01fxfyWeheZc8ER8ygv1umACLcBGAsYHQ/s16000/AI+Security.jpeg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
Free_WAF.gif
1.bp.blogspot.com/-wDVdMgUb3GA/YUtDvbUiNZI/AAAAAAAAO4c/-xsRzExFRVMZlurngf0_QmxKA_tqGnXPACLcBGAsYHQ/s16000/
41 KB
41 KB
Image
General
Full URL
https://1.bp.blogspot.com/-wDVdMgUb3GA/YUtDvbUiNZI/AAAAAAAAO4c/-xsRzExFRVMZlurngf0_QmxKA_tqGnXPACLcBGAsYHQ/s16000/Free_WAF.gif
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bd994a7429830bfa6e85fa848b3e42150b3fbbdc2ddb9b734ca481a7f3a39320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 05:18:47 GMT
x-content-type-options
nosniff
age
3156
content-disposition
inline;filename="Free_WAF.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42452
x-xss-protection
0
server
fife
etag
"v3b88"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Nov 2021 06:28:51 GMT
Indusface1.png
1.bp.blogspot.com/-nsf4JMRDEZI/YZY85jdOduI/AAAAAAAAPSI/HsTMitAk7usuS9MJ5BQPss8yC1rS1SBKwCLcBGAsYHQ/s16000/
62 KB
62 KB
Image
General
Full URL
https://1.bp.blogspot.com/-nsf4JMRDEZI/YZY85jdOduI/AAAAAAAAPSI/HsTMitAk7usuS9MJ5BQPss8yC1rS1SBKwCLcBGAsYHQ/s16000/Indusface1.png
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4d862584135798ad521d8f5f38ca1a7c1cdf75981d74ccbba496e25eb7080366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 04:42:42 GMT
x-content-type-options
nosniff
age
5321
content-disposition
inline;filename="Indusface1.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63823
x-xss-protection
0
server
fife
etag
"v3d24"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 19 Nov 2021 12:05:14 GMT
Indusface%2B300.png
1.bp.blogspot.com/-2b5PlPB72J4/YP7Wir7-a5I/AAAAAAAAOK4/eA3gAcbilo8q-lVmHdYcB14P7_KbafuKgCLcBGAsYHQ/s16000/
37 KB
37 KB
Image
General
Full URL
https://1.bp.blogspot.com/-2b5PlPB72J4/YP7Wir7-a5I/AAAAAAAAOK4/eA3gAcbilo8q-lVmHdYcB14P7_KbafuKgCLcBGAsYHQ/s16000/Indusface%2B300.png
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a838406d751481e4a22b44b6d93a2aadbeaaf3ada4c4ade352b3f05579a0e894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 02:50:10 GMT
x-content-type-options
nosniff
age
12073
content-disposition
inline;filename="Indusface 300.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37863
x-xss-protection
0
server
fife
etag
"v38b0"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Nov 2021 11:02:28 GMT
spinner.gif
gbhackers.com/wp-content/plugins/email-subscribers/lite/public/images/
3 KB
4 KB
Image
General
Full URL
https://gbhackers.com/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1243496
cf-ray
6b6a2863cad1374c-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3208
x-xss-protection
1; mode=block
last-modified
Tue, 14 Apr 2020 02:56:40 GMT
server
cloudflare
etag
"24c026-c88-5a337594fc442"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltSA%2Flc0Uo6o2LAl5BiocoMaQl9Hh0%2B%2B5q4BSXHueBSen3NANV8AhfMrEYBUFY5Q0gPvKTqQ6PFOiCxE8IcGwkLIzdK8MxZYepYxCOesgxeRLRGjXyJQh6%2FLSNzFyY5i4gVpDAOnyU6yAL6T"}],"group":"cf-nel","max_age":604800}
x-varnish
76452668
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/gif
expires
Fri, 04 Nov 2022 11:19:59 GMT
soc+as+a+service+%281%29.png
1.bp.blogspot.com/-fqr4z63PEOE/YYUIdQ_Qk4I/AAAAAAAAPNE/KeIs31G3hV4D1RkU2jjWsNB0JfOngCs7wCLcBGAsYHQ/s16000/
Redirect Chain
  • https://i0.wp.com/1.bp.blogspot.com/-fqr4z63PEOE/YYUIdQ_Qk4I/AAAAAAAAPNE/KeIs31G3hV4D1RkU2jjWsNB0JfOngCs7wCLcBGAsYHQ/s16000/soc%2Bas%2Ba%2Bservice%2B%25281%2529.png?ssl=1
  • https://1.bp.blogspot.com/-fqr4z63PEOE/YYUIdQ_Qk4I/AAAAAAAAPNE/KeIs31G3hV4D1RkU2jjWsNB0JfOngCs7wCLcBGAsYHQ/s16000/soc+as+a+service+%281%29.png
102 KB
102 KB
Image
General
Full URL
https://1.bp.blogspot.com/-fqr4z63PEOE/YYUIdQ_Qk4I/AAAAAAAAPNE/KeIs31G3hV4D1RkU2jjWsNB0JfOngCs7wCLcBGAsYHQ/s16000/soc+as+a+service+%281%29.png
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f1e3ce113f50d9d7389eafdb2fdd09ac50973b4df19c2ca6fdb1281a075db0fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 04:42:55 GMT
x-content-type-options
nosniff
age
5308
content-disposition
inline;filename="soc as a service (1).png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104415
x-xss-protection
0
server
fife
etag
"v3cd2"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 06 Nov 2021 10:35:25 GMT

Redirect headers

x-nc
EXPIRED lhr 1
date
Wed, 01 Dec 2021 06:11:23 GMT
server
nginx
location
https://1.bp.blogspot.com/-fqr4z63PEOE/YYUIdQ_Qk4I/AAAAAAAAPNE/KeIs31G3hV4D1RkU2jjWsNB0JfOngCs7wCLcBGAsYHQ/s16000/soc+as+a+service+%281%29.png
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
IP+GIO+LOCATION.PNG
1.bp.blogspot.com/-75WwKXwlvHo/YYLdziYU-SI/AAAAAAAAPMk/xNnXPPku1TI7LNOWK2W56-J6ssXiJsL2QCLcBGAsYHQ/s16000/
Redirect Chain
  • https://i1.wp.com/1.bp.blogspot.com/-75WwKXwlvHo/YYLdziYU-SI/AAAAAAAAPMk/xNnXPPku1TI7LNOWK2W56-J6ssXiJsL2QCLcBGAsYHQ/s16000/IP%2BGIO%2BLOCATION.PNG?ssl=1
  • https://1.bp.blogspot.com/-75WwKXwlvHo/YYLdziYU-SI/AAAAAAAAPMk/xNnXPPku1TI7LNOWK2W56-J6ssXiJsL2QCLcBGAsYHQ/s16000/IP+GIO+LOCATION.PNG
55 KB
55 KB
Image
General
Full URL
https://1.bp.blogspot.com/-75WwKXwlvHo/YYLdziYU-SI/AAAAAAAAPMk/xNnXPPku1TI7LNOWK2W56-J6ssXiJsL2QCLcBGAsYHQ/s16000/IP+GIO+LOCATION.PNG
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d15a7f70c3a4b58c2d645665230c0029a2c68fabee5c9d905feafd409be1eb8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 04:43:09 GMT
x-content-type-options
nosniff
age
5294
content-disposition
inline;filename="IP GIO LOCATION.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56176
x-xss-protection
0
server
fife
etag
"v3cca"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Nov 2021 20:31:48 GMT

Redirect headers

x-nc
EXPIRED lhr 2
date
Wed, 01 Dec 2021 06:11:23 GMT
server
nginx
location
https://1.bp.blogspot.com/-75WwKXwlvHo/YYLdziYU-SI/AAAAAAAAPMk/xNnXPPku1TI7LNOWK2W56-J6ssXiJsL2QCLcBGAsYHQ/s16000/IP+GIO+LOCATION.PNG
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
Linux-VPS.jpg
1.bp.blogspot.com/-AnCQsfd5xB4/XR-rjbPavnI/AAAAAAAACtM/Zc-fYuH31JMNsEUd17_mKlN03V8KrcwSgCLcBGAs/s1600/
Redirect Chain
  • https://i1.wp.com/1.bp.blogspot.com/-AnCQsfd5xB4/XR-rjbPavnI/AAAAAAAACtM/Zc-fYuH31JMNsEUd17_mKlN03V8KrcwSgCLcBGAs/s1600/Linux-VPS.jpg?ssl=1
  • https://1.bp.blogspot.com/-AnCQsfd5xB4/XR-rjbPavnI/AAAAAAAACtM/Zc-fYuH31JMNsEUd17_mKlN03V8KrcwSgCLcBGAs/s1600/Linux-VPS.jpg
33 KB
33 KB
Image
General
Full URL
https://1.bp.blogspot.com/-AnCQsfd5xB4/XR-rjbPavnI/AAAAAAAACtM/Zc-fYuH31JMNsEUd17_mKlN03V8KrcwSgCLcBGAs/s1600/Linux-VPS.jpg
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
01b4fa8690c4fd43863c67fdef5dfd1d1ad1b7f555e14e00f9227d34ade1edc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 04:43:12 GMT
x-content-type-options
nosniff
age
5291
content-disposition
inline;filename="Linux-VPS.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33726
x-xss-protection
0
server
fife
etag
"vad4"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Nov 2021 16:12:17 GMT

Redirect headers

x-nc
EXPIRED lhr 2
date
Wed, 01 Dec 2021 06:11:23 GMT
server
nginx
location
https://1.bp.blogspot.com/-AnCQsfd5xB4/XR-rjbPavnI/AAAAAAAACtM/Zc-fYuH31JMNsEUd17_mKlN03V8KrcwSgCLcBGAs/s1600/Linux-VPS.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
active+directory+penetration+Testing.jpg
1.bp.blogspot.com/-tqtVXm6JNJQ/XTyRNuRRR9I/AAAAAAAADSo/qVet8cnwiNUC7y5udVsd6RGtv9wM7Ut6ACLcBGAs/s1600/
Redirect Chain
  • https://i2.wp.com/1.bp.blogspot.com/-tqtVXm6JNJQ/XTyRNuRRR9I/AAAAAAAADSo/qVet8cnwiNUC7y5udVsd6RGtv9wM7Ut6ACLcBGAs/s1600/active%2Bdirectory%2Bpenetration%2BTesting.jpg?ssl=1
  • https://1.bp.blogspot.com/-tqtVXm6JNJQ/XTyRNuRRR9I/AAAAAAAADSo/qVet8cnwiNUC7y5udVsd6RGtv9wM7Ut6ACLcBGAs/s1600/active+directory+penetration+Testing.jpg
35 KB
35 KB
Image
General
Full URL
https://1.bp.blogspot.com/-tqtVXm6JNJQ/XTyRNuRRR9I/AAAAAAAADSo/qVet8cnwiNUC7y5udVsd6RGtv9wM7Ut6ACLcBGAs/s1600/active+directory+penetration+Testing.jpg
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fda05fade14390001567b6c6ce310785f0ab2d89124399555191c89f3de5fc08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 04:43:15 GMT
x-content-type-options
nosniff
age
5288
content-disposition
inline;filename="active directory penetration Testing.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36114
x-xss-protection
0
server
fife
etag
"vd2b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Nov 2021 07:26:53 GMT

Redirect headers

x-nc
EXPIRED lhr 7
date
Wed, 01 Dec 2021 06:11:23 GMT
server
nginx
location
https://1.bp.blogspot.com/-tqtVXm6JNJQ/XTyRNuRRR9I/AAAAAAAADSo/qVet8cnwiNUC7y5udVsd6RGtv9wM7Ut6ACLcBGAs/s1600/active+directory+penetration+Testing.jpg
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
Apache+0-Days+Bug.png
1.bp.blogspot.com/-r5_7z5UdCjQ/YV7nO1S0_fI/AAAAAAAAO_s/Q2ztigMSx9sDDX5gdw_thRVl37vbJU-vACLcBGAsYHQ/s16000/
Redirect Chain
  • https://i0.wp.com/1.bp.blogspot.com/-r5_7z5UdCjQ/YV7nO1S0_fI/AAAAAAAAO_s/Q2ztigMSx9sDDX5gdw_thRVl37vbJU-vACLcBGAsYHQ/s16000/Apache%2B0-Days%2BBug.png?ssl=1
  • https://1.bp.blogspot.com/-r5_7z5UdCjQ/YV7nO1S0_fI/AAAAAAAAO_s/Q2ztigMSx9sDDX5gdw_thRVl37vbJU-vACLcBGAsYHQ/s16000/Apache+0-Days+Bug.png
35 KB
35 KB
Image
General
Full URL
https://1.bp.blogspot.com/-r5_7z5UdCjQ/YV7nO1S0_fI/AAAAAAAAO_s/Q2ztigMSx9sDDX5gdw_thRVl37vbJU-vACLcBGAsYHQ/s16000/Apache+0-Days+Bug.png
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
35bb77e9152a2c99004f1fff7b7499042aa90a82b1d30413f7996feca7ffed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 04:43:19 GMT
x-content-type-options
nosniff
age
5284
content-disposition
inline;filename="Apache 0-Days Bug.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36136
x-xss-protection
0
server
fife
etag
"v3bfc"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Nov 2021 16:03:40 GMT

Redirect headers

x-nc
EXPIRED lhr 5
date
Wed, 01 Dec 2021 06:11:23 GMT
server
nginx
location
https://1.bp.blogspot.com/-r5_7z5UdCjQ/YV7nO1S0_fI/AAAAAAAAO_s/Q2ztigMSx9sDDX5gdw_thRVl37vbJU-vACLcBGAsYHQ/s16000/Apache+0-Days+Bug.png
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
content-length
138
woo.css
gbhackers.com/wp-content/plugins/featured-image-from-url/includes/html/css/
60 B
731 B
Stylesheet
General
Full URL
https://gbhackers.com/wp-content/plugins/featured-image-from-url/includes/html/css/woo.css?ver=4cc0e90e607ad87706fb34633047a82d
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0eca051bf2e51696f3f8ef35337104af0c65042f06ee0b8badf3f8f2b4e8fdc
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
76
age
1004668
cf-polished
origSize=64
cf-ray
6b6a2863cac0374c-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"PSA-aj-mMIhCQsjHN"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab%2B3fRZ3aXm7aRYL33DdXsaVLzxp0R6u200%2BfJcha6Bq6pXl3IGaVH3aaHjPZOQ%2FjAMfETLhadZs6uYYC7y4KvX1DrEvJjAOmD36SgD3BMM9Kde65%2BPBQ4jc2CtJk03y714vZWV02rfeicmR"}],"group":"cf-nel","max_age":604800}
x-varnish
494109
vary
Accept-Encoding
cache-control
public, max-age=2591725
content-type
text/css
expires
Sat, 04 Dec 2021 11:06:25 GMT
photon.min.js
gbhackers.com/wp-content/plugins/jetpack/_inc/build/photon/
685 B
993 B
Script
General
Full URL
https://gbhackers.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
758
age
705030
cf-ray
6b6a2863cac1374c-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-JGJqxEU79F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4IFc0Bh%2B1UcyUXEcDlBXoRLVdaEqgzv2sS6qybZJrVlcUFzM7rYyACKsxQbD99%2BnBw1BFdxsmN0%2Bkn2dkG009W6kh%2FPal2%2F8iPBykjscal7jNSPP9%2F1xMjSdlzHHCqVwsiGGPtGOUfAEf1s"}],"group":"cf-nel","max_age":604800}
x-varnish
19008324
vary
Accept-Encoding
cache-control
public, max-age=2591676
content-type
application/javascript
expires
Sat, 04 Dec 2021 11:06:26 GMT
tagdiv_theme.min.js
gbhackers.com/wp-content/themes/Newspaper/js/
200 KB
48 KB
Script
General
Full URL
https://gbhackers.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=8.5.1
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8209efc7da6a179bd91dee606ada248b8439c4a409ccbf09d239995cbbba55
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
205617
age
587595
cf-ray
6b6a2863cac6374c-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-iHIXaJ9EqT"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4Fte5vSH8lWNgzB4f4Y4Pu%2F5%2BfiFXOFUq8uufLvF2rtsUS%2BD4bx0Nqki8M8GEpVGUgZsfNVYblkv7%2FXA6ohYD33Nhi3aBADWIRWFGr%2FwwNHxrw915PKRobtummohemvmks79349uTlya0T7"}],"group":"cf-nel","max_age":604800}
x-varnish
50326141
vary
Accept-Encoding
cache-control
public, max-age=2591075
content-type
application/javascript
expires
Sat, 04 Dec 2021 11:06:25 GMT
comment-reply.min.js
gbhackers.com/wp-includes/js/
2 KB
2 KB
Script
General
Full URL
https://gbhackers.com/wp-includes/js/comment-reply.min.js?ver=4cc0e90e607ad87706fb34633047a82d
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
2420
age
1246300
cf-ray
6b6a2863cac8374c-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-C22YcYY7sT"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCIZD3OUkGAI2tYaGKixrqTbmXVKJDdGPGVDVNPHzw%2FA0gYKghTt1G3GPXPy7y05fqWYvo0tmiWSRlgO2C%2B77GfYcrX%2BmF7zIQ%2FPsjTwiPucDVX77b69pONTJ8mYhW%2BMxFz%2Be5LXCOt7qgtR"}],"group":"cf-nel","max_age":604800}
x-varnish
39937745
vary
Accept-Encoding
cache-control
public, max-age=2591690
content-type
application/javascript
expires
Sat, 04 Dec 2021 11:06:25 GMT
wp-embed.min.js
gbhackers.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://gbhackers.com/wp-includes/js/wp-embed.min.js?ver=4cc0e90e607ad87706fb34633047a82d
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
1434
age
2223658
cf-ray
6b6a2863cac9374c-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-BBM9N8_Q8I"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CAw5zKhk4UdI1W7I%2BSa5D0BmRl1FpJqui1vQKasphWNjNRtYrnBt4mhJzBqTiSE%2BYbcAFmZALFIBYMcl2gD0iKiTXM6TERIndLY6FJe60k20C6xUa4bRbLdcX3fwA%2BPtKtqEQcBsIZWgc4G"}],"group":"cf-nel","max_age":604800}
x-varnish
22163904
vary
Accept-Encoding
cache-control
public, max-age=2591884
content-type
application/javascript
expires
Sat, 04 Dec 2021 11:06:25 GMT
image.js
gbhackers.com/wp-content/plugins/featured-image-from-url/includes/html/js/
2 KB
1 KB
Script
General
Full URL
https://gbhackers.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?3_0_1&ver=4cc0e90e607ad87706fb34633047a82d
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbca7622295dec97458ab7a27983d05969398fbc96da602c38edb8f83e79374a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
2916
age
1004668
cf-ray
6b6a2863cacb374c-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"PSA-aj-pSApZDLai5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t98GE0A1BDrBSejmMxlpKfKssrkQBb%2BkYrccb57QnH%2BYf7fPdS36iB9OHDFTwdz7wSoJfUmIZzJsk5ShnvIITUqAAkFO%2B5EIcScBFrdEq4nFtioB0vXS0gPrOVsUYeXqzQOIUele6z1tdEHG"}],"group":"cf-nel","max_age":604800}
x-varnish
1673151
vary
Accept-Encoding
cache-control
public, max-age=2591725
content-type
application/javascript
expires
Sat, 04 Dec 2021 11:06:26 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=4cc0e90e607ad87706fb34633047a82d
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1078
etag
W/"2d763adca2b6a93c45e5b76bff1f8c5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6b6a2865cb9c59d1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 04 Dec 2021 06:11:23 GMT
sharing.min.js
gbhackers.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/
8 KB
3 KB
Script
General
Full URL
https://gbhackers.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=8.4.3
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee73983f199df0f0cca9f5306e79bd0a5a624e09b9e805a93957a4167ee87fe0
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:22 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
x-original-content-length
8027
age
1246300
cf-ray
6b6a2863cacd374c-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-lTL_G96kcx"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgBcHXMgvhh1K75by3x2EyZYju%2BpH32c%2FGpOAghkc%2BbSL1rfUFg7aJNWnlmDsY46BdOueGXL6ZTs2lZf%2FvsVUy9A0iu6wL2ClaylzXh0U0rXrvLpJwhRS%2FePwkQOS2OElfZtrQJdTwo%2F89Ke"}],"group":"cf-nel","max_age":604800}
x-varnish
80652948
vary
Accept-Encoding
cache-control
public, max-age=2591710
content-type
application/javascript
expires
Sat, 04 Dec 2021 11:06:44 GMT
e-202148.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202148.js
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr
date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 21 Nov 2022 00:05:04 GMT
newspaper.woff
gbhackers.com/wp-content/themes/Newspaper/images/icons/
15 KB
15 KB
Font
General
Full URL
https://gbhackers.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?14
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/wp-content/themes/Newspaper/style.css?ver=8.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7375f568ea439c4f544ac6488b963a8d57d6cd65b0a8a551230d330e55483f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbhackers.com/wp-content/themes/Newspaper/style.css?ver=8.5.1
Origin
https://gbhackers.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b6a2863eb02374c-MXP
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 16 Dec 2017 02:49:51 GMT
server
cloudflare
etag
W/"1a035e-3b50-5606c2bcad1c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JamB75GFVsOkSfIfXru92LD2wQo1XeGoAqlvaqMPFSwPRKmEdgmUD32b4J7g06Cx6Tjx2dk%2B5X%2FeWilptYa7DpzQgvzg7pgNTV02bax5yqt9feyf5I8Au%2FfSmyhmA%2BaZQf4%2BpLmbEwqY1QoC"}],"group":"cf-nel","max_age":604800}
x-varnish
90896268
cache-control
max-age=31536000, s-maxage=10
content-type
application/x-font-woff
expires
Thu, 01 Dec 2022 06:11:18 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gbhackers.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 15:57:38 GMT
x-content-type-options
nosniff
age
569624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 15:57:38 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gbhackers.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 11:03:59 GMT
x-content-type-options
nosniff
age
68843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47836
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 11:03:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gbhackers.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 15:45:42 GMT
x-content-type-options
nosniff
age
570340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 15:45:42 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gbhackers.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 20:39:33 GMT
x-content-type-options
nosniff
age
552709
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 20:39:33 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gbhackers.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:07:55 GMT
x-content-type-options
nosniff
age
36207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 20:07:55 GMT
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gbhackers.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 16:15:26 GMT
x-content-type-options
nosniff
age
568556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17380
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 16:15:26 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb55864b528fb5460ccf4acb8ff4498ec0a588cb262170df0ddc9caf32f0d76e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/webp
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gbhackers.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 05:33:18 GMT
x-content-type-options
nosniff
age
2284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 05:33:18 GMT
pubads_impl_2021111701.js
securepubads.g.doubleclick.net/gpt/
345 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118578
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 09:34:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Dec 2021 06:11:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
115 B
734 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gbhackers.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
29fd2e371015ecef7d658113f5b5ee813697d987c191a5c85175d53829597df8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
expires
Wed, 01 Dec 2021 06:11:23 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/
270 KB
97 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
281c25f3fe5545da9fa16e59731d8e42c0a9781ff6530cee844c28b9541899e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99574
x-xss-protection
0
server
cafe
etag
9310351773156562038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Dec 2021 06:11:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 4826
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 30 Nov 2021 09:43:00 GMT
expires
Tue, 14 Dec 2021 09:43:00 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
73703
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-88811382-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4216
date
Wed, 01 Dec 2021 05:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Dec 2021 07:01:07 GMT
truncated
/
18 KB
18 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94b293e2c7affa223f0e3a5cfd950030c8aacee84bc93ec5f0d35c7f4e91381b

Request headers

Referer
Origin
https://gbhackers.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
/
jetpack.wordpress.com/jetpack-comment/ Frame 8FA8
26 KB
8 KB
Document
General
Full URL
https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=51914&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=84dc9d8a10bd810cfee4280cc2408c06cd72313a
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3cb429ebd76f8a1ca60d6441bc8039e37dd4a95dd93421b95f6da813a5c4bbf7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/

Response headers

server
nginx
date
Wed, 01 Dec 2021 06:11:23 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header
WordPress.com
content-encoding
br
x-ac
4.lhr _dfw
strict-transport-security
max-age=15552000
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CDroid+Sans%3A400&ver=8.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gbhackers.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 23:30:09 GMT
x-content-type-options
nosniff
age
24074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21232
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 01:56:42 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 23:30:09 GMT
cookie.js
partner.googleadservices.com/gampad/
203 B
409 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=gbhackers.com&callback=_gfp_s_&client=ca-pub-8834194653550774
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
42096ba8fa8b88ed36455a0596352543c8de4a1efdbdd4dfd1329174ce46b420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gbhackers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gbhackers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4A18
71 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba309554a97b71098922adef80fd387bb25677a121fcae5a77f2137e11b4267c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Dec 2021 06:11:23 GMT
server
cafe
content-length
25622
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 06:11:23 GMT
cache-control
private
count.json
api.pinterest.com/v1/urls/
134 B
447 B
Script
General
Full URL
https://api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&_=1638339082270
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f34304a06bbb195d6a018e016c6f2c0ad473b229c53c6eba9bdce8f3b857dd4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.926656b8.1638339083.1c44d55
content-type
application/javascript
access-control-allow-origin
*
pinterest-generated-by
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
x-pinterest-rid
1130126838095849
content-length
134
expires
Wed, 01 Dec 2021 06:26:23 GMT
/
graph.facebook.com/
244 B
657 B
Script
General
Full URL
https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&_=1638339082271
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f05b:12:face:b00c:0:2 Zurich, Switzerland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
617c299d3680545fad1f40699a3a4f5a5a810e5630aa8cc66f50981948c288f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004786267
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
181
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
5gOQU3yr/mZ8pnUvpD/T3YatjXEd77si3iyL30cyk6DphCGDEYWm6cYKJuRqIlXqC+wVcTE+nDYXAoWyZVBBlQ==
x-fb-trace-id
GRPjZ3vC1AY
date
Wed, 01 Dec 2021 06:11:23 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
Avckwht5Ll2Kvsth4sujr70
cache-control
no-store
facebook-api-version
v5.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
g.gif
pixel.wp.com/
50 B
75 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.13669806044251676
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Dec 2021 06:11:23 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.3622315294757248
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Dec 2021 06:11:23 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame 96CD
93 KB
32 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f8c8ffafa213299b94ac536189e5ab76d2904bb82639bf4867adf3d321b4d5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Dec 2021 06:11:24 GMT
server
cafe
content-length
32280
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 06:11:24 GMT
cache-control
private
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=4cc0e90e607ad87706fb34633047a82d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
761
etag
W/"bac537a7eba0b66473f70a7a4bf837c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6b6a2867f9915a19-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 04 Dec 2021 06:11:23 GMT
g.gif
pixel.wp.com/
50 B
75 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A8.4.3&blog=116523949&post=51914&tz=0&srv=gbhackers.com&host=gbhackers.com&ref=&fcp=1079&rand=0.7929213306616363
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Dec 2021 06:11:23 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame AACD
83 KB
29 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ed9acef6938ea61c5026e46dde6540d487a09d2acb66736eaa206676e97b593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Dec 2021 06:11:23 GMT
server
cafe
content-length
30111
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 06:11:23 GMT
cache-control
private
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2096445819&t=pageview&_s=1&dl=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&ul=en-us&de=UTF-8&dt=North%20Korean%20Hackers%20Group%20Posed%20as%20Samsung%20Recruiters%20To%20Target%20Security%20Firms&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=2138714901&gjid=1496666437&cid=602372650.1638339083&tid=UA-88811382-1&_gid=214344560.1638339083&_r=1&gtm=2ouba1&z=1990381339
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gbhackers.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 06:11:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gbhackers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 46CB
72 KB
28 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
658d99e6daaa5ce158681906dbc5966647cce9434984e5c6db7ebf5537d8cf43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Dec 2021 06:11:23 GMT
server
cafe
content-length
28584
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 06:11:23 GMT
cache-control
private
collect
stats.g.doubleclick.net/j/
1 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-88811382-1&cid=602372650.1638339083&jid=2138714901&gjid=1496666437&_gid=214344560.1638339083&_u=YAhAAUAAAAAAAC~&z=1604029939
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gbhackers.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 01 Dec 2021 06:11:23 GMT
content-type
text/plain
access-control-allow-origin
https://gbhackers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/a7a25758-844a-4255-9c2f-95ddba8ff4a4/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/a7a25758-844a-4255-9c2f-95ddba8ff4a4/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac350ae1e1a4096efcd5bcaa247cf416b0981141475e5d345eb8a136c6d2e81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1073
cf-polished
origSize=3100
status
200 OK
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
4dcb05fc-cacc-4557-8bbc-a6ede91c27c9
x-runtime
0.020612
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1af2909e424264aa67f17a5214941322"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6b6a2869597759d1-MXP
access-control-allow-headers
SDK-Version
expires
Wed, 01 Dec 2021 07:11:23 GMT
css
fonts.googleapis.com/ Frame 4A18
2 KB
532 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 05:51:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 06:11:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Dec 2021 06:11:23 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4A18
1 KB
960 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 05:58:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
789
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 05:58:14 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 4A18
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 06:04:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4A18
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 06:04:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A18
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 06:11:23 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4A18
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 06:04:29 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 4A18
27 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 16:53:57 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 4A18
23 KB
23 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQireWTrFytRmsefZ_K-Jwvw2Y_745UPL0OQiff2zGLHP_foaDm182MoCuuOA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3127d6cb1b1363ae151275163f4717569bb0cdc888fda6adc660a96b3e2a2869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 21 Nov 2021 10:36:35 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23184
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 01 Dec 2022 06:11:23 GMT
11676170405747505892
tpc.googlesyndication.com/simgad/ Frame 4A18
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3mNe39wEQkAEYkAEyCHRL-Hucl-M4
  • https://tpc.googlesyndication.com/simgad/11676170405747505892
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11676170405747505892
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Protocol
H3
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8ab2778b292d70e077fc8c3c84526bbe581dc2a826165d72c7a29bec439ebae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 12:12:49 GMT
x-content-type-options
nosniff
age
583114
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4025
x-xss-protection
0
last-modified
Thu, 22 Apr 2021 20:28:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 12:12:49 GMT

Redirect headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 22:42:19 GMT
x-content-type-options
nosniff
server
cafe
age
26944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/11676170405747505892
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 30 Dec 2021 22:42:19 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
787
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
6b6a2869dc7a5a19-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 04 Dec 2021 06:11:23 GMT
14601147864681486302
tpc.googlesyndication.com/daca_images/simgad/ Frame 46CB
44 KB
44 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14601147864681486302
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc82324bbea391ad47f0f42f308ba46d9a408031f30103d8bd426a04b56fd2f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 07:01:17 GMT
x-content-type-options
nosniff
age
83406
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44826
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 18:12:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Nov 2022 07:01:17 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 46CB
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 06:04:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 46CB
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 06:04:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 46CB
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 06:11:23 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 46CB
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 06:04:29 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 46CB
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 05:55:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
963
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11327
x-xss-protection
0
server
cafe
etag
10656063359522146397
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 05:55:20 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 46CB
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8C9SCxKnYc-yH9mLtweH17iwDY-yke1m8uyJ6aIPue7wyKoBEAEgiqr2QmC7hoCA0AqgAd-Ji4ADyAECqQKbToVMxU2qPqgDAcgDyQSqBIkCT9DoxDTOkVv06buYjjAlX21994lEKfVdG2WzGhwy6mrmVA2uaRhvFiLD4od0o9h2gLljBoxOkeI9upU4sy5eOxJkDGIhyBPy4Kz811E45dEoPLuH_zcj_qvF-yijVhswTfMuIP83oHP5NSUOV6DLhiX8Yl3ZbRFtGr6cNoqLVi355gevnLrEZU0dHBip0EgdTAGWkXcgcz-y6GnUoNl8HP2u0iu19KmDxagAPo8Re0J_kJO9q1r4qTUWLfObfYxf7E73qwlayIn7pw2svxrNJwdi6hL9a-E8EGBn4WA1YVi3_xbsvicS-7zTYeLvT6qy0JUT0OD0oDKBVCW1GxtFFjtVZalz4AkGiMAEzbrd6dkDkgUECAQYAZIFBAgFGASgBgKAB4n29H-oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDm7UTSCAkIgOGAEBABGF-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNTM3Mjc4NjE3NDc2MDIyOBgA&sigh=w2npX-3aCVo&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 01 Dec 2021 06:11:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 01 Dec 2021 06:11:23 GMT
truncated
/ Frame 4A18
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74aaef5ca1d3d2a736e0c880822ff5062a9738403052a9dc81d42e6ce3834ff1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7C72
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 01 Dec 2021 05:58:29 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
774
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 46CB
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff7cd3a3c2a0a776f21221eaf6316fa7e51983c213d3c8ae7a5f186854668d4f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 4A18
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 23:19:29 GMT
x-content-type-options
nosniff
age
24714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 23:19:29 GMT
css
fonts.googleapis.com/ Frame AACD
6 KB
670 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 05:44:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 06:11:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Dec 2021 06:11:24 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame AACD
1 KB
880 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 05:58:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
789
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 05:58:14 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame AACD
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 05:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 05:59:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame AACD
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 06:07:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AACD
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 06:11:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame AACD
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 06:04:29 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame AACD
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 16:53:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AACD
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CiFIUCxKnYd-KHtjItwfv5qyoC-C9k-Jm6Ye-_cUJzKmR5owqEAEgiqr2QmC7hoCA0AqgAZ-F7NkDyAEJqQLlbdfE3022PqgDAcgDywSqBJsCT9AuNHutA5oJViG19YMoFGk8V02aWrxYMuIuA3lM9pjC1rxyOgkRAFVV5odrL9yIG5aC_EEV0gmPWCNW1eyPQOk_kIQHHMaiEKCzFmrZS-EoeR4zhcu3UG3d4dgRDTiDXEHpqXvWczkaPJkbVGNwJvygCNrAvEH2O0NqTGECRCiGIPH07Qz_NTN6m67SzggbcRpy-KvFXYIPKSAbcuSC2M5O_LrYA13IimY9Pm7zjW1lBabpkpAhAhxL_nBfpOlcD3BAiVGtC0hpTLUzfAAUvAhvkL36gGY93Lb5dmYFqFrYT68xiO5sPNBs29FuJ-NM8jWglUco0InHw4PUfjQEhML1j-YhdYKV6F1BcGPfhEi2UP1dZ8iIjMRze8AE_YTdtIsBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8n6kyaoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBRDboIIB0ggJCIDhgBAQARhfgAoByAsB2BMMiBQI0BUBgBcBshccChoIABIUcHViLTUzNzI3ODYxNzQ3NjAyMjgYAA&sigh=vZlvVEwQ1DU&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 01 Dec 2021 06:11:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
2076313506083323656
tpc.googlesyndication.com/simgad/18392428394884956484/ Frame AACD
35 KB
35 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/18392428394884956484/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03715752c7ceb56d9ec61b7bd4ff53a8e48d5b65ff8bf2dd4e63d37358b2fd50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:04:05 GMT
x-content-type-options
nosniff
age
439
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36192
x-xss-protection
0
last-modified
Mon, 10 Jun 2019 17:14:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 01 Dec 2022 06:04:05 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17631303373125671933/ Frame AACD
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17631303373125671933/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d408f32dfe37afad2d35b51f4050e3d5aa0a53910cad98130bd58ef290a6d18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 07:26:54 GMT
x-content-type-options
nosniff
age
254670
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3209
x-xss-protection
0
last-modified
Mon, 10 Jun 2019 17:04:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 28 Nov 2022 07:26:54 GMT
truncated
/ Frame AACD
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame 4E53
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&h=600&slotname=3739790355&adk=435275958&adf=3749288796&pi=t.ma~as.3739790355&w=160&lmt=1638339082&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082474&bpp=12&bdt=496&idt=286&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1440&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1gTakauBAp&p=https%3A//gbhackers.com&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 18:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
42480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 18:23:24 GMT
/
s0.wp.com/_static/ Frame 8FA8
19 KB
4 KB
Script
General
Full URL
https://s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
Requested by
Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=51914&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=84dc9d8a10bd810cfee4280cc2408c06cd72313a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7551cbecbf078a66df8f9d246d8b11c773247921f5ff0bbe601f0cf67e1e287b

Request headers

Referer
https://jetpack.wordpress.com/
Origin
https://jetpack.wordpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
br
last-modified
Tue, 23 Nov 2021 21:55:38 GMT
server
nginx
etag
W/"619d635a-4b6b"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
4.lhr _dca
timing-allow-origin
*
expires
Wed, 23 Nov 2022 21:55:42 GMT
style.css
s0.wp.com/wp-content/mu-plugins/highlander-comments/ Frame 8FA8
17 KB
3 KB
Stylesheet
General
Full URL
https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1638269982h&cssminify=yes
Requested by
Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=51914&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=84dc9d8a10bd810cfee4280cc2408c06cd72313a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6c61b46b38d55f643bc67f65dbf50a8620c6f7d5456ddcd45a2f5299f4f81c4a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://jetpack.wordpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
br
server
nginx
etag
W/"61a60426-5374"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
4.lhr _dca
timing-allow-origin
*
expires
Wed, 30 Nov 2022 10:59:55 GMT
ad516503a11cd5ca435acc9bb6523536
1.gravatar.com/avatar/ Frame 8FA8
556 B
785 B
Image
General
Full URL
https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25
Requested by
Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=51914&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=84dc9d8a10bd810cfee4280cc2408c06cd72313a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ae82e42491a7de3c5d3df779e9600e5191708025e8c46102ccfa7026df735d64

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://jetpack.wordpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT mxp 2
date
Wed, 01 Dec 2021 06:11:24 GMT
last-modified
Sat, 01 Mar 2008 02:44:06 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="ad516503a11cd5ca435acc9bb6523536.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25>; rel="canonical"
content-length
556
expires
Wed, 01 Dec 2021 06:16:24 GMT
/
s0.wp.com/_static/ Frame 8FA8
154 KB
49 KB
Script
General
Full URL
https://s0.wp.com/_static/??-eJx9jMEKwjAQRH/INFihtAfxW0K6pBuym5jdIPr15uCh0CIMzOG9GfsqBtmntoLY2PNsUN+/Ggh5iHKx/yRDGKpT2Ms+swLr8dA1zRUEP3CilixKIOLCgVIzJbWALHbDsCXHK9ROiToVK75i0T560P063eZxWpZ5jF9ZN1Jy
Requested by
Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=51914&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=84dc9d8a10bd810cfee4280cc2408c06cd72313a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
4409f3a020ad3130888f2e64c84db6dad4b2cd2f4909e86a9fd7c432f97b6622

Request headers

Referer
https://jetpack.wordpress.com/
Origin
https://jetpack.wordpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
br
last-modified
Tue, 30 Nov 2021 10:59:50 GMT
server
nginx
etag
W/"61a60426-267c6"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
4.lhr _dca
timing-allow-origin
*
expires
Wed, 30 Nov 2022 10:59:55 GMT
/
s0.wp.com/_static/ Frame 8FA8
21 KB
6 KB
Script
General
Full URL
https://s0.wp.com/_static/??/wp-content/mu-plugins/likes/queuehandler.js,/wp-content/mu-plugins/admin-bar/masterbar-tracks.js,/wp-includes/js/wp-embed.min.js?m=1638292964j
Requested by
Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=51914&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=84dc9d8a10bd810cfee4280cc2408c06cd72313a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
276bf60b5954a38ca8d707ab87d0b18aafa11f64bc3e136e9162dd52e6c99b7e

Request headers

Referer
https://jetpack.wordpress.com/
Origin
https://jetpack.wordpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
br
last-modified
Tue, 30 Nov 2021 17:22:52 GMT
server
nginx
etag
W/"61a65dec-5403"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
4.lhr _dca
timing-allow-origin
*
expires
Wed, 30 Nov 2022 17:22:57 GMT
wp-emoji-release.min.js
s0.wp.com/wp-includes/js/ Frame 8FA8
18 KB
5 KB
Script
General
Full URL
https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1625065786h&ver=5.8.2
Requested by
Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=51914&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=84dc9d8a10bd810cfee4280cc2408c06cd72313a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://jetpack.wordpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
br
server
nginx
etag
W/"60dc8943-4705"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
4.lhr _dca
timing-allow-origin
*
expires
Fri, 11 Nov 2022 12:30:25 GMT
truncated
/ Frame AACD
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
120955dfd2c5f11862f18ad1a36093f3c535633f8c6a54e4211060823a86057f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AACD
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 15:45:42 GMT
x-content-type-options
nosniff
age
570342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 15:45:42 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AACD
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:07:55 GMT
x-content-type-options
nosniff
age
36209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 20:07:55 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AACD
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 11:22:37 GMT
x-content-type-options
nosniff
age
586127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 11:22:37 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7C72
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 06:11:24 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 06:11:24 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 06:11:24 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame 88F7
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=2715683798&adk=1070894360&adf=2924605377&pi=t.ma~as.2715683798&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082589&bpp=12&bdt=610&idt=342&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C300x250&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oG0JbCl0OQ&p=https%3A//gbhackers.com&dtd=344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 18:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
42480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 18:23:24 GMT
548bdb63b969e5c27f75e62faf543d70.js
www.gstatic.com/mysidia/ Frame 96CD
7 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 21:03:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3286
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 21:03:01 GMT
1fbe479ac890063fc5be4921f3467642.js
www.gstatic.com/mysidia/ Frame 96CD
8 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/1fbe479ac890063fc5be4921f3467642.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bbd26c49f5ae124707da73ee22462fbc47ca1d38e85825771170e4b1c850af7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 21:03:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3713
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 21:03:02 GMT
css
fonts.googleapis.com/ Frame 96CD
3 KB
579 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 05:46:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 06:11:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Dec 2021 06:11:24 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 96CD
1 KB
880 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 05:58:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 05:58:14 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 96CD
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 05:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 05:59:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 96CD
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 06:07:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 96CD
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Dec 2021 06:11:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 96CD
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 06:04:29 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 96CD
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 16:53:57 GMT
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame B52D
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=250&slotname=1238950596&adk=2804035198&adf=3273481421&pi=t.ma~as.1238950596&w=300&lmt=1638339082&psa=0&format=300x250&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082547&bpp=5&bdt=568&idt=363&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1Ei3B2NXK2&p=https%3A//gbhackers.com&dtd=367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 18:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
42480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 18:23:24 GMT
/
public-api.wordpress.com/connect/ Frame D033
2 KB
1 KB
Document
General
Full URL
https://public-api.wordpress.com/connect/?googleplus-sign-in=https%3A%2F%2Fjetpack.wordpress.com&color_scheme=light
Requested by
Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=116523949&postid=51914&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=8.4.3&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=84dc9d8a10bd810cfee4280cc2408c06cd72313a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6574c03ef34c869d4a560674a171cfdeceb77589d59b7d073a95eebdb733a827
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://jetpack.wordpress.com/

Response headers

server
nginx
date
Wed, 01 Dec 2021 06:11:24 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header
WordPress.com
content-encoding
br
x-ac
2.lhr _dfw
strict-transport-security
max-age=15552000
adview
googleads.g.doubleclick.net/pagead/ Frame 96CD
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvbhlCxKnYampHM_Ttge0kYPoCNzZqc1m0aGr2ZMPwI23ARABIIqq9kJgu4aAgNAKoAH1l8X5AsgBAagDAcgDwwSqBIMCT9BAwDO0-NVWqGE2EPG0dYBc6xH4V0_joEj8z8vVwhEV_rGwwYBNwRXySvlGJTuUoxTSAX-o_4R-grYh0kMvJMcJOmaRrm3bUWujmqAmKxLVEAEm5eh-cXhm6p4PpQCqOblFDApkMYH4xfbDXaxt6aRdgcQsqgxQODBmG6fmE1l7XlyLSOUyF4duKbJtyC_4v24Tvbdf_QVUZEQU6RZmZtYzfkHQ4rHQrvcFEWZ6i4Fbf2D6ikiVwVG82vl0Hx5LY26HXhR-EEOPmW7zLMkAFoRfaX-n7YBOIRFJ8QdLah28z2uuGIkR-IYlsg6yXZJwVCjUzawlr-wuGKEtBlb6axL7JcAEgIqy2-0DkgUECAQYAZIFBAgFGASgBlGAB_PnuoYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQi8OnAdIICQiA4YAQEAEYX4AKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MzcyNzg2MTc0NzYwMjI4GAA&sigh=lTr3A8q_UNQ&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 01 Dec 2021 06:11:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 06FD
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 01 Dec 2021 05:58:29 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
button-back.gif
s0.wp.com/wp-content/mu-plugins/highlander-comments/images/ Frame 8FA8
1 KB
1 KB
Image
General
Full URL
https://s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
Requested by
Host: s0.wp.com
URL: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1638269982h&cssminify=yes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1638269982h&cssminify=yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 01 Dec 2021 06:11:24 GMT
x-ac
4.lhr _dca
last-modified
Wed, 28 Nov 2018 18:49:03 GMT
server
nginx
etag
"5bfee31f-4d0"
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
1232
expires
Thu, 10 Nov 2022 15:08:11 GMT
truncated
/ Frame 96CD
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
418a27afa92313e46e79491a3a12fda13309a3255ede7515e459394b4774712d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 96CD
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 10:56:24 GMT
x-content-type-options
nosniff
age
69300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 10:56:24 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 96CD
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:07:29 GMT
x-content-type-options
nosniff
age
36235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 20:07:29 GMT
googleplus-sign-in.js
s0.wp.com/wp-content/js/ Frame D033
11 KB
4 KB
Script
General
Full URL
https://s0.wp.com/wp-content/js/googleplus-sign-in.js?m=1551752381h
Requested by
Host: public-api.wordpress.com
URL: https://public-api.wordpress.com/connect/?googleplus-sign-in=https%3A%2F%2Fjetpack.wordpress.com&color_scheme=light
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
83f49a60c7b81bab4b8b2ffd154c069fdde45e0ec303ce85ede59495844f919a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://public-api.wordpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
br
server
nginx
etag
W/"5c7ddce7-4290"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
4.lhr _dca
timing-allow-origin
*
expires
Thu, 10 Nov 2022 15:08:10 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 06FD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 06:11:24 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Dec 2021 06:11:24 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 06:11:24 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gbhackers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gbhackers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A9EE
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8834194653550774&output=html&adk=1812271804&adf=3025194257&lmt=1638339084&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339084209&bpp=1&bdt=2230&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dca98c6367590ee8b-226d32ee1bcc0009%3AT%3D1638339083%3ART%3D1638339083%3AS%3DALNI_MaywBYGuMCC0W1vAFnZTPUw0SctxA&prev_fmts=696x280%2C300x250%2C300x250&prev_slotnames=3739790355&nras=1&correlator=6840651229629&frm=20&pv=1&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&psts=AGkb-H_7inL_NN3XlQHICnJPoQ7qBDhcKKIcdTHG1Mtgv_KlgiaIYC5hBMXj4shZ34AFN3t7849t1fN3cEoO&pvsid=1041919069958849&pem=981&tmod=491487009&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 01 Dec 2021 06:11:24 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc124cfb312a275c7306f089f94c16d2011077c58fa8dabe3771029891e854eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9248
x-xss-protection
0
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame F5B8
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&h=280&slotname=8042110665&adk=125729336&adf=2819533872&pi=t.ma~as.8042110665&w=696&fwrn=4&fwrnh=100&lmt=1638339082&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638339082522&bpp=25&bdt=543&idt=359&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3739790355&correlator=6840651229629&frm=20&pv=2&ga_vid=602372650.1638339083&ga_sid=1638339083&ga_hid=2096445819&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31063824%2C31062931&oid=2&pvsid=1041919069958849&pem=981&tmod=491487009&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=samPUIVzUo&p=https%3A//gbhackers.com&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 18:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
42480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 18:23:24 GMT
mod_pagespeed_beacon
gbhackers.com/
0
590 B
XHR
General
Full URL
https://gbhackers.com/mod_pagespeed_beacon?url=https%3A%2F%2Fgbhackers.com%2Fnorth-korean-hackers-group-posed-as-samsung-recruiters%2F
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gbhackers.com/north-korean-hackers-group-posed-as-samsung-recruiters/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 01 Dec 2021 06:11:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
x-varnish
3474792
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUO2so5LUyM9YAFRJramAmNWHq8hUaOWAlP9aDGbwrcjUSUrWD2IPF8ZXTkHzf9SMa0LSdMPNm%2BWswIQXhVghMZKLVu1NAG0wJHpn2OhC9cR6Jj2fQmuLoBopBsOv8%2Bc5SXaRpXJUPWZmvdh"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, max-age=7776000
cf-ray
6b6a2870085b374c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 01 Mar 2022 06:11:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8834194653550774&plah=gbhackers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 06:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 01 Dec 2021 06:11:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D8A9
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 30 Nov 2021 20:36:20 GMT
expires
Wed, 30 Nov 2022 20:36:20 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
34505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1808
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1e3cea02afaeff4ccb2cb8ed167c1e21077b4c85b6feb154d5e84518fb90801
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RrvD2/RPo//yLBIvCcIbPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 01 Dec 2021 06:11:25 GMT
date
Wed, 01 Dec 2021 06:11:25 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-RrvD2/RPo//yLBIvCcIbPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A18
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstL4KBUaUqUVD-9UaDo7VVjPe6nZBM7hpP51JqtnGd1Y5nWSUUA9Kn-cOgPA4OjUpq_5z3_V4_J24GWakxowBenW4wEyZwNielVGYkVe3P9wLw_PKC2wA&sai=AMfl-YRSStkCb9gzpThROGfVSdvQysxNj-63W8AWXg6cA6tbDwPabD4_PFgS81ZSCAaEydqhCZledFOvfLud&sig=Cg0ArKJSzFSBJ-6rFQRrEAE&id=lidar2&mcvt=1011&p=0,0,600,160&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=435275958&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638339082779&rpt=709&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 06:11:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1808
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=1041919069958849&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame D8A9
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 18:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
42481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 18:23:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=1041919069958849&bg=!urmluf3NAAZQLpa_UC47ACkAdvg8WoXjzMyS8Q8GLIgVufFBgkO4wbL6jNlQ98ymqh8X32qWLPc8VAIAAACaUgAAAApoAQcKAMw3FZOjeB6nxM6S2vWeJwv1qsWZwAmThkF38nSwwBcHlRm7LdXpI1KsnLGTaH1MQFnOx-jfhkUmH7_QpIHvGq4kB3KeXSIS065VYOp1qnmLpGmlZkcA67b-5e-PfctUQOX8Hv47lBDODq_q0CX6TfeIspW7R6DBvS9fBkG9HHvD4ktTkgSAwuVI3u_-BonRjv4t9emKa27CchhpLWRmMDpvedZBJ8Zo52Nip-8QCqxOXCwzznZojm_9oRO-ZTmn7j7p1EhNVjdo0mNT5YiZAoc-mwWT6mDspoYR68ZGJYMUq3KvafDZAQzQ3zSzzFslNuY-_qhXKSySYou8xmVxFFbaAG3_eacpCGq6fMhvYkHzMfAi7X_PkkGaVP3Ic-IPBhJRIxIvgaUu_O9OZU13aASBrYxcqXY_LQebkJuYWHx0B88kgTIZLZS7ocLo6Imj755_7dJcilczzkyfd8JWrUvP4FFny5_YvR6Br39pcKmxu4WBL5fUgH0FxatIqFTsSuT5OuHD8_ROk0C_-NJvvRhuRaxl1WcrqLgs19vJXGeZ-aOMx4U2w65wCiCg-ZW-3Nfn04jN509JQoZo4VyiBFTtGpE6u6sNUrgNi58x_XWLZJLKQesPPkdDAmAZWXhPMjveVLnkHAchasNhGI26MJjE2pjZOAvgVMiypo5OHnEfFw2YUErwHGtMYrh8z7Lqj51nS-0aWh3gTgsyr0W2GJ15sOk8OcbRwGUqizZuKPRsI3bZkvRJvTZAAc5TLwMQP8dXHhOUe3_9v9DQbs51HBJdPTBzebhZLLJikrbJcodoYon05ByL8YKG10AJy7PAei4QNDnoo1igqUWirAbFXf4RUb6kQuoL3MdvOZpzs68n3oY8L0dcfln-0igfE7JVDNppEj6RbRbQRrStRjSWH9IA7HDmd74uH4D76uIpbjB4CtY8QLywg8CNfMsjkBCKMTONj-fnGsQGAg0akA7Bnn8iCOk2e-ubQJEEcZPb-GkBsEjhaPlBCXY9PJ5BeMa-w5NqB46qwVNgGXcNkYE9kD8CqYs1afQYC_w8t4CfYlHnHIGH_lsdQF73Ke05i8qdavIG53Qv-mTZ8fQAl7zrC79GV9Ld-D5PnzkU85Fmc-fTKTsSjUEC1g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gbhackers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 06:11:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 96CD
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXHsKcrxQM9ihDLZs0H2ize_UVvkRdCi1QLTcdD_GBHDdOwwCYJahOgmP-SLmfUruOwVENRFPyYH7pcddYTDr6F2HVhf_jNXiWz2-Xwepxr2-ZlgDzPA&sai=AMfl-YSetjDj9CX6m7PVUb0MBpg-PMkB3kMPuxRJfAz-j9ebsf4BVupxxVGvKixl2myZQ0CSLoqZv_FqmKG3&sig=Cg0ArKJSzGuVeKnxeyjOEAE&id=lidar2&mcvt=1000&p=0,0,280,696&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=125729336&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638339082887&rpt=1320&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 06:11:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

298 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings undefined| $ function| jQuery object| es_data object| jQuery112406711184935890739 object| tdwGlobal function| documentInitOneSignal function| OneSignal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| gtag object| dataLayer object| googletag object| pagespeed object| adsbygoogle object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor boolean| google_apltlad object| google_sv_map object| google_tag_manager number| tmod boolean| _gfp_a_ function| google_spfd number| google_lpabyc string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga object| twemoji object| wp object| block_td_uid_4_61a7120a4fa89 object| block_td_uid_11_61a7120a54321 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| WPCOM_sharing_counts object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n function| $f object| addComment object| fifuImageVars function| resizeImg function| disableClick function| disableLink object| sharing_js_options object| WPCOMSharing undefined| windowOpen object| _stq function| st_go function| linktracker_init object| wpcom object| gaplugins object| gaData number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.gbhackers.com/ Name: _ga
Value: GA1.2.602372650.1638339083
.gbhackers.com/ Name: _gid
Value: GA1.2.214344560.1638339083
.gbhackers.com/ Name: _gat_gtag_UA_88811382_1
Value: 1
.gbhackers.com/ Name: __gads
Value: ID=ca98c6367590ee8b-226d32ee1bcc0009:T=1638339083:RT=1638339083:S=ALNI_MaywBYGuMCC0W1vAFnZTPUw0SctxA
.doubleclick.net/ Name: IDE
Value: AHWqTUmAZpOW0-lmlGitm9CEVQRODqq7eGMuBWhbA1ZND0Qma3MuZO8smPf09sBsjDs
.doubleclick.net/ Name: DSID
Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
1.gravatar.com
adservice.google.co.uk
adservice.google.com
api.pinterest.com
cdn.onesignal.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gbhackers.com
googleads.g.doubleclick.net
graph.facebook.com
i0.wp.com
i1.wp.com
i2.wp.com
jetpack.wordpress.com
lh5.googleusercontent.com
lh6.googleusercontent.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
public-api.wordpress.com
s0.wp.com
secure.gravatar.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.75.88.209
142.250.185.130
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.22
192.0.78.33
2606:4700:3034::ac43:a5ec
2606:4700::6812:e234
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a03:2880:f05b:12:face:b00c:0:2
2a04:fa87:fffe::c000:4902
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
01b4fa8690c4fd43863c67fdef5dfd1d1ad1b7f555e14e00f9227d34ade1edc4
01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
033ac4de550c02006f3ad635fab1d85fe4c08179481725a25c14862b503a1912
03715752c7ceb56d9ec61b7bd4ff53a8e48d5b65ff8bf2dd4e63d37358b2fd50
0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509
0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fbe809775a3a3199624d023fb474484d89b9a4c48f1585f1eac8dbb53b5b9be
120955dfd2c5f11862f18ad1a36093f3c535633f8c6a54e4211060823a86057f
12eba784fa8f120e1e303f2079ab3ba84ec7ed991fa48c1ecf5b5436e2237745
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1820ff4e7bde396510b5a0f38900029400a051e4a11d960646cca97d4e7445f0
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
267b5e73969341bb850be55e11839241613a9dc7869e495bf1bd4852785577b8
276bf60b5954a38ca8d707ab87d0b18aafa11f64bc3e136e9162dd52e6c99b7e
281c25f3fe5545da9fa16e59731d8e42c0a9781ff6530cee844c28b9541899e1
29fd2e371015ecef7d658113f5b5ee813697d987c191a5c85175d53829597df8
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2e1ced1bd0736a56a0c44fd7b3bf8134850398ecddd52a0f5e6e437c5d527999
3127d6cb1b1363ae151275163f4717569bb0cdc888fda6adc660a96b3e2a2869
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35bb77e9152a2c99004f1fff7b7499042aa90a82b1d30413f7996feca7ffed4d
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3b8209efc7da6a179bd91dee606ada248b8439c4a409ccbf09d239995cbbba55
3cb429ebd76f8a1ca60d6441bc8039e37dd4a95dd93421b95f6da813a5c4bbf7
418a27afa92313e46e79491a3a12fda13309a3255ede7515e459394b4774712d
42096ba8fa8b88ed36455a0596352543c8de4a1efdbdd4dfd1329174ce46b420
4409f3a020ad3130888f2e64c84db6dad4b2cd2f4909e86a9fd7c432f97b6622
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4d862584135798ad521d8f5f38ca1a7c1cdf75981d74ccbba496e25eb7080366
4f8c8ffafa213299b94ac536189e5ab76d2904bb82639bf4867adf3d321b4d5c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76
55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396
59b7cc57cec37ddd48856f6328f6f2b8798cc22fd3fb37eae4227c05fa1e8453
5a42bf5f2a09874e30d1a3027977dd07bc20e1abca1a35884e48fcb06299c473
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6165a91e6dd0a5d9e581fbf34e8135b20c5b1c3955566758943ae88709ca5461
617c299d3680545fad1f40699a3a4f5a5a810e5630aa8cc66f50981948c288f5
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6574c03ef34c869d4a560674a171cfdeceb77589d59b7d073a95eebdb733a827
658d99e6daaa5ce158681906dbc5966647cce9434984e5c6db7ebf5537d8cf43
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c61b46b38d55f643bc67f65dbf50a8620c6f7d5456ddcd45a2f5299f4f81c4a
73810400992edf91b1a73c5d55b37dda7f30487f5957233e783802f1376e3431
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
74aaef5ca1d3d2a736e0c880822ff5062a9738403052a9dc81d42e6ce3834ff1
7551cbecbf078a66df8f9d246d8b11c773247921f5ff0bbe601f0cf67e1e287b
7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c
79b93ce1d5b919bd7d6c3b5f59a0533837ad6ee414edd0322f1f481b69375996
7ac350ae1e1a4096efcd5bcaa247cf416b0981141475e5d345eb8a136c6d2e81
7ed9acef6938ea61c5026e46dde6540d487a09d2acb66736eaa206676e97b593
826849e486c43832e36c991ca35ad1d43a635df8bacf662860a05fb2b54bc75a
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
83f49a60c7b81bab4b8b2ffd154c069fdde45e0ec303ce85ede59495844f919a
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
94b293e2c7affa223f0e3a5cfd950030c8aacee84bc93ec5f0d35c7f4e91381b
96a2fc04e5f82d1b6fed397c6954cecd40fbb8383d422a4d39f3ab7d0687693a
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
97f70b4714f5968860f119005de6eebbc73c92c9e85977f0335212f01de645d8
9bbd26c49f5ae124707da73ee22462fbc47ca1d38e85825771170e4b1c850af7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e3cea02afaeff4ccb2cb8ed167c1e21077b4c85b6feb154d5e84518fb90801
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51e791b4b0e0fc1f924018249a0352ca1eeb587114deb8e215a9d83a73df0d4
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a838406d751481e4a22b44b6d93a2aadbeaaf3ada4c4ade352b3f05579a0e894
ae82e42491a7de3c5d3df779e9600e5191708025e8c46102ccfa7026df735d64
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b8d22757b5d6d70bb4a66040eb6ba44389922a08c588e4e46f14ec141e028540
ba309554a97b71098922adef80fd387bb25677a121fcae5a77f2137e11b4267c
ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc124cfb312a275c7306f089f94c16d2011077c58fa8dabe3771029891e854eb
bd994a7429830bfa6e85fa848b3e42150b3fbbdc2ddb9b734ca481a7f3a39320
bf93a0c21fa2d37a5c7e1075b2f3b65de111e7504bd6372112609ba80ed6b6c7
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cbca7622295dec97458ab7a27983d05969398fbc96da602c38edb8f83e79374a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d0b5aaa9e0ebee58b5994d83379b096ec993976d68ddba4a4fb0d53f4cd8ce24
d0eca051bf2e51696f3f8ef35337104af0c65042f06ee0b8badf3f8f2b4e8fdc
d15a7f70c3a4b58c2d645665230c0029a2c68fabee5c9d905feafd409be1eb8c
d408f32dfe37afad2d35b51f4050e3d5aa0a53910cad98130bd58ef290a6d18f
d4946c0a255ce147e3eb1d457c30574262edaacdd20dde4edddeecd925df2303
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc7375f568ea439c4f544ac6488b963a8d57d6cd65b0a8a551230d330e55483f
dc82324bbea391ad47f0f42f308ba46d9a408031f30103d8bd426a04b56fd2f0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42034fb34e129b587ca03a87faf4976eb945a259d976cb4d2b6ccf3fd1cd31f
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e9c41c06c765e324b53515b6bfcb3d09b8090a445cb9959f8bc6edb4bac5e279
ee73983f199df0f0cca9f5306e79bd0a5a624e09b9e805a93957a4167ee87fe0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e3ce113f50d9d7389eafdb2fdd09ac50973b4df19c2ca6fdb1281a075db0fd
f34304a06bbb195d6a018e016c6f2c0ad473b229c53c6eba9bdce8f3b857dd4f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f8ab2778b292d70e077fc8c3c84526bbe581dc2a826165d72c7a29bec439ebae
fb55864b528fb5460ccf4acb8ff4498ec0a588cb262170df0ddc9caf32f0d76e
fb67552bcfc3ad02c19511d196121130ceb65536a5754ceb0c1de72d55de0e65
fc1c9310b4e7ce78149bfc5a27a511c73fe3b83f1345bafb62d7a94f484e2151
fda05fade14390001567b6c6ce310785f0ab2d89124399555191c89f3de5fc08
ff7cd3a3c2a0a776f21221eaf6316fa7e51983c213d3c8ae7a5f186854668d4f