wibuh.com Open in urlscan Pro
2606:4700:3036::ac43:b8b5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wibuh.com/eatc/index.php?qbot.zip
Effective URL:
https://wibuh.com/eatc/?qbot.zip
Submission: On December 15 via api (December 15th 2024, 10:56:49 am UTC) from RU — Scanned from US

Summary HTTP 66 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 9 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3036::ac43:b8b5, located in United States and belongs to CLOUDFLARENET, US. The main domain is wibuh.com.
TLS certificate: Issued by WE1 on November 27th 2024. Valid for: 3 months.

This is the only time wibuh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	2606:4700:303... 2606:4700:3036::ac43:b8b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::9b	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:6fdf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c17::71	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:400d:c00::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4004:c1f::65	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
66	10

38 2606:4700:3036::ac43:b8b5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wibuh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:6fdf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c00::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c1f::65 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	wibuh.com 1 redirects wibuh.com	731 KB
10	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695	74 KB
4	gstatic.com fonts.gstatic.com	120 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5669 onesignal.com — Cisco Umbrella Rank: 1761	82 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	208 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	105 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	97 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
66	9

	Domain	Requested by
38	wibuh.com	1 redirects wibuh.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	securepubads.g.doubleclick.net	wibuh.com securepubads.g.doubleclick.net
3	www.google-analytics.com	wibuh.com www.google-analytics.com www.googletagmanager.com
2	onesignal.com	cdn.onesignal.com
2	cdn.onesignal.com	wibuh.com cdn.onesignal.com
2	pagead2.googlesyndication.com	wibuh.com
1	www.googletagmanager.com	www.google-analytics.com
1	fonts.googleapis.com	wibuh.com
66	10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
www.instagram.com

Subject Issuer	Validity	Valid
wibuh.com WE1	`2024-11-27` - `2025-02-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://wibuh.com/eatc/?qbot.zip
Frame ID: 6D28479C3A9479515FFD0549F046D6C2
Requests: 65 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 6F1702A53B5451F7E9F43A12D9937096
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Laman tidak ditemukan - Wibuh

Page URL History Show full URLs

https://wibuh.com/eatc/index.php?qbot.zip HTTP 301
https://wibuh.com/eatc/?qbot.zip Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

66
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

10
Subdomains

10
IPs

1
Countries

1441 kB
Transfer

3554 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/wibuhcom/

Search URL Search Domain Scan URL

URL: https://twitter.com/WibuhCom

Search URL Search Domain Scan URL

URL: https://pinterest.com/sagahaditama48/wibuh/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wibuhcom/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wibuh.com/eatc/index.php?qbot.zip HTTP 301
https://wibuh.com/eatc/?qbot.zip Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
wibuh.com/eatc/
Redirect Chain

https://wibuh.com/eatc/index.php?qbot.zip
https://wibuh.com/eatc/?qbot.zip

110 KB
17 KB

1729ms
1728ms

Document
text/html

2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/eatc/?qbot.zip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.31

Resource Hash

5e91dfc248f0772b3da9ffd2b0adfea692e6a273cc7230e2c6c1f2ebbf0dceb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f25e8920f8dc407-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sun, 15 Dec 2024 10:56:42 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://wibuh.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GyOmNgETdKayB0K1k3B2uEQbN4rxL6K6DmDlhv5rh2D4SneQnWwZ9s33VTwWiCktv0CRU9Q4MzU4JWAwGaaRucEDrgg2NgvQLu%2FhEmJbJs%2FlNFmq4tZzLEfPMbGPrKC%2FjfR5KW%2Bvifo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=7946&min_rtt=7927&rtt_var=1706&sent=10&recv=10&lost=0&retrans=0&sent_bytes=4834&recv_bytes=2421&delivery_rate=514048&cwnd=255&unsent_bytes=0&cid=0ac819e13f46419b&ts=3365&x=0"
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.31
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f25e887e959c407-EWR
content-type: text/html; charset=UTF-8
date: Sun, 15 Dec 2024 10:56:41 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://wibuh.com/eatc/?qbot.zip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rCD5rFyRTd3x2WAS%2B8iuQ1t00%2Fj5ceQfFzJh4xvrYkA36RFelIMllvgt8i3LlksKRvavycIueOdWUViF1PmLZT6LRJdadOAG2Ekf6RxJ8fosFGi7iBmeo98MsDW24cp1hsNz0RjIbs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=7935&min_rtt=7927&rtt_var=2246&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3981&recv_bytes=2358&delivery_rate=514048&cwnd=253&unsent_bytes=0&cid=0ac819e13f46419b&ts=1613&x=0"
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.31
x-redirect-by: WordPress
x-turbo-charged-by: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 61 KB
3 KB 163ms
60ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800%2C300italic%2C400italic%2C600italic%2C700italic%2C800italic%7CTitillium+Web%3A600%2C700&display=swap

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec0cb97ea0f267f09df4685c33349e0f87a361914fbc405f0a38ae6871b2f97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wibuh.com
Referer: https://wibuh.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 10:56:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 15 Dec 2024 10:56:43 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 wpp.min.js Show response
wibuh.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 829ms
827ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=7.2.0

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9390a125ab238d13fb736a504428d4f453f5c02cbc7a33ad1dd24c35d16c96b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVSXSBTgsTVGm8m89x6rWKaMC9waYe5FgzUwmh5dTbLNMmMgKBq0gUfR4KZRkicJnCmsglgKMj%2Br24dA1Fu3GUI5vgMbLfioGTaYB%2FeurUYG2HG2AL4MFEDGjd9RABCvEFU5QG1QTeg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35081&min_rtt=23844&rtt_var=8215&sent=156&recv=73&lost=0&retrans=0&sent_bytes=155175&recv_bytes=10393&delivery_rate=1297945&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2532&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 23:05:10 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1de80f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 style.min.css
wibuh.com/wp-includes/css/dist/block-library/ 112 KB
17 KB 993ms
989ms Stylesheet
text/css 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFhe9ucOsyHfs0DLKpK1KOTsCyoTBGejxhydS7XA2cLS1VjbGp5eFjA7YbeYnYTuOVBy08%2BlUb1tCRcbuzpxVjyQ1wJu2KMdc3AK%2B4nF0jZjiMo3aLv1aTQivr3vkvHOXvdEV%2BUU1Qk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30411&min_rtt=23844&rtt_var=5876&sent=180&recv=79&lost=0&retrans=0&sent_bytes=174734&recv_bytes=11827&delivery_rate=119614&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2693&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 23:13:47 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1de90f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 blocks.style.build.css
wibuh.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 184 B
954 B 42ms
38ms Stylesheet
text/css 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.86.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2BahOnXrq7Dg8nR3cP4NTGJL3PhCfbzfMbx9BITHNLi4m4hPHWmzcp3L%2B7EwUQCp2OTZdga92ABF3aZjLpUbWYejdGNqaf%2BG%2Bw8UNclpFhBseznIRaubmDFbl8tK9l7whhRbhPh6z%2BA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29086&min_rtt=25952&rtt_var=10183&sent=13&recv=21&lost=0&retrans=0&sent_bytes=4253&recv_bytes=8114&delivery_rate=557&cwnd=12000&unsent_bytes=0&cid=d293e49841621d19&ts=1745&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 23:13:08 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1dea0f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 wpp.css
wibuh.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
1 KB 837ms
833ms Stylesheet
text/css 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=7.2.0

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpJcEfTXuTZ2Ofgmvh9FCkQu8Zj1ZrF7gwi34QuwYbgixDhSsnEV6ijKRs%2FP0nHwSaIYUUK%2BvVPXYtKO%2BE5ExEATaRg%2BYWY%2B%2BYuRJn29QJhFHSPIe8P5YN7hOGlVouhimcrlksjmeE4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35081&min_rtt=23844&rtt_var=8215&sent=159&recv=73&lost=0&retrans=0&sent_bytes=157766&recv_bytes=10393&delivery_rate=1297945&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2540&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: text/css
last-modified: Mon, 09 Dec 2024 23:05:10 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1dec0f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 main.css
wibuh.com/wp-content/themes/pixwell/assets/css/ 425 KB
71 KB 65ms
62ms Stylesheet
text/css 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/themes/pixwell/assets/css/main.css?ver=8.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aefe1768c16f2f9f09e7188f3bda878a27b2bc8fc68667c490f4ac955ce92a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKML9hRce9lu3ruLzVIJt0ON%2FK%2BFIPHhLlZ4kLx1lgQ3A167KKzErzuFK46yeHsfj0GK7nwPtZJTygQw8usyBAjjxTPOUBI2u9QefSdOhM%2FiJrmDCTvkXkZnqG2Afg6gZL6da1Hyyzg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29086&min_rtt=25952&rtt_var=10183&sent=26&recv=21&lost=0&retrans=0&sent_bytes=16253&recv_bytes=8114&delivery_rate=557&cwnd=12000&unsent_bytes=0&cid=d293e49841621d19&ts=1749&x=1", cfExtPri, cfHdrFlush;dur=21
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1ded0f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.min.js Show response
wibuh.com/wp-includes/js/jquery/ 86 KB
32 KB 66ms
62ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlqy2jNIo3aOcf6vju6gyIEnXlUNWNSKrwsPdX2hXpxoH7W55pT%2FAukJjaZTvsEDYJ9JboxtlyRKDyqxgGewiHpZjKZdH7QFw1pB5F7ZIlGG50ksheDc1VZAUj%2FYRVkuUESgU%2BcjUP4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29086&min_rtt=25952&rtt_var=10183&sent=26&recv=21&lost=0&retrans=0&sent_bytes=16253&recv_bytes=8114&delivery_rate=557&cwnd=12000&unsent_bytes=0&cid=d293e49841621d19&ts=1747&x=1", cfExtPri, cfHdrFlush;dur=23
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 07:35:35 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1def0f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
wibuh.com/wp-includes/js/jquery/ 13 KB
6 KB 44ms
41ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8O5yP6a0Fct6PuYJLtxk7TB7lzkd9lbKLOCBILJDC5GL0BjGFR98lXBsgAKyxb4VxDTaOsYPx4P1%2F6GB2jXpPX3ITJPDOCGkLbOEhUNMWuwJvhIOkFrtm%2B4GYctLsooh%2FUAg8do3PYw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29086&min_rtt=25952&rtt_var=10183&sent=15&recv=21&lost=0&retrans=0&sent_bytes=5254&recv_bytes=8114&delivery_rate=557&cwnd=12000&unsent_bytes=0&cid=d293e49841621d19&ts=1745&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: application/javascript
last-modified: Wed, 09 Aug 2023 07:35:40 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1df00f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 fraud_protection.min.js Show response
wibuh.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 2 KB
1 KB 166ms
162ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/plugins/quick-adsense-reloaded/assets/js/fraud_protection.min.js?ver=2.0.86.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

925ac08767da94992a8a70ec5f3caa616c36e818056aa4cdc27a41fa0f3a1a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 450392
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXr%2F3Ot5aVjtv8n5KyUVUnNIZkZTciVF70LmOXE4F8A2fa62lVr80IZSsuMCHA5smQ%2BG8uF1pHJSwZ6acU3%2F8V8%2Flpq2Zr%2BjQMoC%2FMvB6TZs5jSEL13To21MehXVHzrs7EVZJoJRNfU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29086&min_rtt=25952&rtt_var=10183&sent=26&recv=21&lost=0&retrans=0&sent_bytes=16253&recv_bytes=8114&delivery_rate=557&cwnd=12000&unsent_bytes=0&cid=d293e49841621d19&ts=1747&x=1", cfExtPri, cfHdrFlush;dur=24
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 23:13:08 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1df20f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 ruby-icon.woff
wibuh.com/wp-content/themes/pixwell/assets/fonts/ 70 KB
71 KB 1306ms
1302ms Font
application/x-font-woff 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/themes/pixwell/assets/fonts/ruby-icon.woff

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e1c1b54360d1df72955d690ee50841244f8441aa4091a34b483d84cc0588cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wibuh.com
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HADlz9QuROBdpALe5kedWUSElAhoiuTxsoT%2BWXbAMLRBEW7KWw3o1p95kKjUrtLt6tY7Nywk6KcmMdZzwFSzhKHyD4hazO14ApjlE%2Fye56wD91gZS0091sBNA06oRkEGaempkYkcLOw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30323&min_rtt=23844&rtt_var=1180&sent=568&recv=138&lost=0&retrans=0&sent_bytes=609399&recv_bytes=20744&delivery_rate=6469841&cwnd=208800&unsent_bytes=0&cid=d293e49841621d19&ts=2998&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/x-font-woff
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1df30f78-EWR
accept-ranges: bytes
content-length: 71956
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 170ms
46ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f46f797ed9f372fcf624d6792361bf3223d779cf514e583f17db46b0f5908def

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: br
etag: 887 / 20072 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 10:56:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33514
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
53 KB 174ms
55ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0da7f9cf34532c18039e01edad4592923ebb796ad92cf95f6cf2e197d77a76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: br
etag: 13985337082964839594
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 10:56:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53913
x-xss-protection: 0
server: cafe

GET
H3 200 wibuhnobg-1.png
wibuh.com/wp-content/uploads/2021/08/ 29 KB
30 KB 43ms
41ms Image
image/png 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2021/08/wibuhnobg-1.png

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ded70ae93441c74670878eede2c328aa76419e66c7f5b0a11ad984e273ec56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 240005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CJCK1Puj7zyuQnDkdpmp8s58DphaVkbT02dQ4X6eEQwcz4mpFrG9V%2Fp52jEcXXA64cAX7upqMO3%2FrZQaI4s%2FcDeIUYfWAda6kUo9S6Tm78JhC1dAwTOoSkOvaHbX3cvwoOoRxnnGdzM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29086&min_rtt=25952&rtt_var=10183&sent=21&recv=21&lost=0&retrans=0&sent_bytes=11358&recv_bytes=8114&delivery_rate=557&cwnd=12000&unsent_bytes=0&cid=d293e49841621d19&ts=1746&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: image/png
last-modified: Sat, 26 Nov 2022 19:33:35 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1df40f78-EWR
accept-ranges: bytes
content-length: 29548
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 Gigantomachia-Melawan-AFO-Spoiler-Manga-My-Hero-Academia-Chapter-384-280x210.png
wibuh.com/wp-content/uploads/2023/03/ 95 KB
96 KB 65ms
62ms Image
image/png 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/03/Gigantomachia-Melawan-AFO-Spoiler-Manga-My-Hero-Academia-Chapter-384-280x210.png

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f333d64b8f38ddee5d21e744c75366b01c4793baf70966c930576ee453252d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ufNfwjNPCTAj1shBg0m7yY56e9gjjURbsoIzlb57XHK8L%2Fk89HTmIrDpxdkEhVo8a44BccyFgMNkfeBZrccNG2KCIj7KInjX75Is%2B7zQvnkfneWaBbhVK%2BIwfEh4N2%2Bad6G%2FyrO2o0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29860&min_rtt=23844&rtt_var=4226&sent=230&recv=88&lost=0&retrans=0&sent_bytes=226513&recv_bytes=14308&delivery_rate=586479&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2776&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: image/png
last-modified: Thu, 30 Mar 2023 19:35:10 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a38a120f78-EWR
accept-ranges: bytes
content-length: 97060
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 imagesloaded.min.js Show response
wibuh.com/wp-includes/js/ 5 KB
3 KB 814ms
812ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84DvaM3i%2BRLu%2Bw2axLca59hAF3rOtkv2oLgvWp8k0VPzC%2FRXjeIuKIvuLgcEZHv0XoQ0%2FODkGul7tBG%2BDaW0Pz%2BwW%2FgcJ%2B6nnW6pucOUx%2FJMi9%2FdO1D%2B1LN%2FQ4ukVk6e7FFknN86IqY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35081&min_rtt=23844&rtt_var=8215&sent=153&recv=73&lost=0&retrans=0&sent_bytes=152403&recv_bytes=10393&delivery_rate=1297945&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2520&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 07:35:35 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1df50f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.isotope.min.js Show response
wibuh.com/wp-content/plugins/pixwell-core/assets/ 34 KB
11 KB 1055ms
1053ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/plugins/pixwell-core/assets/jquery.isotope.min.js?ver=3.0.6

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f62b54a19795cb378378578ab458bc1c111ef3b9043a4143224d3ddf59fef04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ee25%2F%2FkSlnRjxCHTGRjqk4iTFeJEl0NNHbPdYSprKJNdxBp2NDMtEa8%2FEUy2moEEIug5ZTTsX%2FpMI0sI3Ogql89mqRfgitxet3OVz1nCZtI6%2B7ThBZ7Hyc1AJUvP%2FxXWMX5wIpX7js8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29860&min_rtt=23844&rtt_var=4226&sent=213&recv=82&lost=0&retrans=0&sent_bytes=209964&recv_bytes=12247&delivery_rate=586479&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2755&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e89d1df60f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 rbcookie.min.js Show response
wibuh.com/wp-content/plugins/pixwell-core/assets/ 1 KB
2 KB 42ms
42ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/plugins/pixwell-core/assets/rbcookie.min.js?ver=1.0.3

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c128083756cca5e530c120bc15a8770d266c9dabc2ec33c290dcef18e44af65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W6xa1NkVKYlPckcI4PUUVlzeG6NfLzVBhaWt2%2BSFuI4haiQ6k117fVKdGzVWf0XTzXQnfQ4ZEcF13DX%2B1TKhNHDV11n0WD19U2M8iWchKnxQZOqgm4Lz74OoahSIunjgmdQRyeLwjJs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33854&min_rtt=23844&rtt_var=8615&sent=162&recv=74&lost=0&retrans=0&sent_bytes=159227&recv_bytes=10729&delivery_rate=90749&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2561&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a239240f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.mp.min.js Show response
wibuh.com/wp-content/plugins/pixwell-core/assets/ 20 KB
8 KB 40ms
40ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/plugins/pixwell-core/assets/jquery.mp.min.js?ver=1.1.0

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22e1f643b9b97e06209d51252adb3d407265bf0c269d7392d318b4e1353c8fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8dOwa5oj4rIzf0oE3H0Ys4Zw1cS2aQ04CsCWgXcAWcDXLUQfpoZjgU7%2BW0GhWH4eQPYTNISuoce05lvIqRJHYikZEPsrbGwhtONgVUZvJaj5eKPes5zms5lZldul35eZbsjXDCkqKRs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31605&min_rtt=23844&rtt_var=6681&sent=165&recv=77&lost=0&retrans=0&sent_bytes=160884&recv_bytes=11158&delivery_rate=126653&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2608&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a279520f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 core.js Show response
wibuh.com/wp-content/plugins/pixwell-core/assets/ 18 KB
5 KB 37ms
37ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/plugins/pixwell-core/assets/core.js?ver=8.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0ae798964815b315381b682ceca834cc66b24c91e5736c8243df7f2e7974028

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpf%2FlB0Ci%2Bd1Bh2Bt1eIDol%2B4QDGs6Cah6Hv60UTdb7ejoyd%2FI27H7xMjMg9ztcxD1oxOCpos4ywn0Xe1GlkzfJK3oba4PvD0ncciGtBk7UbAz0dOlU3jyfjtjxBJJTXyB%2BXQstu5h8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31066&min_rtt=23844&rtt_var=6090&sent=174&recv=78&lost=0&retrans=0&sent_bytes=169741&recv_bytes=11487&delivery_rate=199739&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2651&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:43 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a2c97e0f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.waypoints.min.js Show response
wibuh.com/wp-content/themes/pixwell/assets/js/ 9 KB
4 KB 41ms
41ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/themes/pixwell/assets/js/jquery.waypoints.min.js?ver=3.1.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66e70ec2f6169104428ff479e397e5c515deca007d206097bda23a72b8467036

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FbepmZv9G%2FpM%2B3l9RdIbO%2FlXbKToNwkyt%2BzFgrcs5tYfoMou5oNyLY9wkiyrHt0km55dUq3HbC8J1qZfS5DUt4ol0xAPB%2BizAkFxrthALc280V6Oyovn6ImbxRvl7v1fAsZIyKcCsXU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30411&min_rtt=23844&rtt_var=5876&sent=196&recv=79&lost=0&retrans=0&sent_bytes=192692&recv_bytes=11827&delivery_rate=119614&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2696&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a309ba0f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 owl.carousel.min.js Show response
wibuh.com/wp-content/themes/pixwell/assets/js/ 43 KB
13 KB 38ms
38ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/themes/pixwell/assets/js/owl.carousel.min.js?ver=1.8.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db80125881ba1f8798c8dccc4179650a745f6655369263e7199d6efab13c68a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6HSEcYm2BQMbUq5mquX56dPa5Aa2pD%2BxQKlLYPvEtukoJRZX9Bwi3og7yVD8Y3Nfpy8i3%2BOLzNk2hmkRhvlDhIXdBHVE9NzY26WzwkBSuMQoxu7T4o%2BaqYYEd3ZBR2mZFVR8vi6E%2Fmk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29860&min_rtt=23844&rtt_var=4226&sent=201&recv=82&lost=0&retrans=0&sent_bytes=196438&recv_bytes=12247&delivery_rate=586479&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2740&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a359e30f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 rbsticky.min.js Show response
wibuh.com/wp-content/themes/pixwell/assets/js/ 6 KB
2 KB 38ms
36ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/themes/pixwell/assets/js/rbsticky.min.js?ver=1.0

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b689ea107bff2003a22621ce7681945bc4f3da4a52bf63eb3ecb97d65b758e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPwVDPs4uQlgV2dznzfr7S%2BLLd1ypYs1HdzYA5uxjpd%2B%2FXt3p0Y%2B%2F8iuExNV4%2B7%2BSFCfueq0%2F9Ct7zJfKXfzZBar5Z4O52c44XRt3S2aRrcEv1MDoxtpIVt6WJqxSPItPjnY02ywYjc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29860&min_rtt=23844&rtt_var=4226&sent=225&recv=88&lost=0&retrans=0&sent_bytes=221629&recv_bytes=14308&delivery_rate=586479&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2770&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a38a020f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.tipsy.min.js Show response
wibuh.com/wp-content/themes/pixwell/assets/js/ 4 KB
2 KB 71ms
67ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/themes/pixwell/assets/js/jquery.tipsy.min.js?ver=1.0

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c74749a433528af31be3ae74183a8a942e421f1229197da67268b20a5d09cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNfxkxJ2aOcdltK5Ti7qRcDUXhPshyONiOkq8RCAHIIm865FTs9P8p8y9JQz6CZeay3yvD%2Fm5ODbUYWXjIePJwTJuhvrdRS1F%2FcMFjwVzuUBLIyQ6ppasG%2BO9teGI4%2FFKguRmAyiZ68%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29860&min_rtt=23844&rtt_var=4226&sent=266&recv=88&lost=0&retrans=0&sent_bytes=268788&recv_bytes=14308&delivery_rate=586479&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2777&x=1", cfExtPri, cfHdrFlush;dur=3
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a38a080f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.ui.totop.min.js Show response
wibuh.com/wp-content/themes/pixwell/assets/js/ 5 KB
2 KB 42ms
37ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/themes/pixwell/assets/js/jquery.ui.totop.min.js?ver=v1.2

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df4f4f0c20c55fa9b59c139af518439f9a951939bb7c6fb1d365898165a57474

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGE3CswRAJiTFyYX0mJeT0SxHrtP4koADe0jFZUMpYv3wRMhhP7MscRpzUSh5XcaqKLbmRYGiLT4IVtGynQKt65C6eVAZ6RbwHLKtItFDQL2K03xjd3%2Fddr%2B89iJoQLqaYI6z16yvgY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29860&min_rtt=23844&rtt_var=4226&sent=228&recv=88&lost=0&retrans=0&sent_bytes=224146&recv_bytes=14308&delivery_rate=586479&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2774&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a38a0c0f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 global.js Show response
wibuh.com/wp-content/themes/pixwell/assets/js/ 75 KB
14 KB 1090ms
1085ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/themes/pixwell/assets/js/global.js?ver=8.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad1d672f200808c52abf20121de041de3f5599bd3663910a53f4c5ebcc76832

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3FVYdapvXXvUKSWJQa%2B0vz5maYuTVtJpHEWoO7Tyisa%2Fc%2B4bZxphG0w%2Bh%2FptyvdMQQ2mjIK4xJ4axvbF%2BR18Aip2Uh2GF0DQJOtiWwmJHJceRW%2BCZU8MiYptl%2FhY1%2FT7rKkxkJyJLs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36269&min_rtt=23844&rtt_var=5407&sent=646&recv=145&lost=0&retrans=0&sent_bytes=700615&recv_bytes=21065&delivery_rate=1878146&cwnd=208800&unsent_bytes=0&cid=d293e49841621d19&ts=3822&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 19:33:40 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a38a0f0f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 ads.js Show response
wibuh.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 1 KB
1 KB 71ms
67ms Script
application/javascript 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.86.1

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a818db199bb22276b4aaedf593151e149279ad0c96192ce0647ed4cde7754a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 175100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVrnTQXgDJ2brPBNFaRN8sHtyT74JDP2CHO2ziMsrrccDW90ORwSyZZ1S1LCZxX7YC2iYYLsq3zR2MyB1QSORXPcyVumTAdcc8NjHUzHbnohdVSiDWng4VYp6rgpUqnCRyxE4EPmXNo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29860&min_rtt=23844&rtt_var=4226&sent=250&recv=88&lost=0&retrans=0&sent_bytes=250513&recv_bytes=14308&delivery_rate=586479&cwnd=72300&unsent_bytes=0&cid=d293e49841621d19&ts=2776&x=1", cfExtPri, cfHdrFlush;dur=4
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 23:13:08 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a38a100f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 132ms
40ms Script
application/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"09282956186c8515ef0d208902803581"
age: 1273
expires: Wed, 18 Dec 2024 10:56:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
via: 1.1 google
cf-ray: 8f25e8a41b1f1906-EWR
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 164ms
41ms Script
text/javascript 2607:f8b0:4004:c17::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: gzip
age: 4398
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 11:43:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 09:43:26 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 12 KB
12 KB 170ms
77ms Font
font/woff2 2607:f8b0:400d:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800%2C300italic%2C400italic%2C600italic%2C700italic%2C800italic%7CTitillium+Web%3A600%2C700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wibuh.com
Referer: https://fonts.googleapis.com/

Response headers

age: 66903
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 16:21:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 16:21:41 GMT
last-modified: Thu, 24 Aug 2023 21:07:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12136
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 130ms
37ms Font
font/woff2 2607:f8b0:400d:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wibuh.com
Referer: https://fonts.googleapis.com/

Response headers

age: 348523
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:08:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 10:08:01 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 12 KB
12 KB 162ms
69ms Font
font/woff2 2607:f8b0:400d:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wibuh.com
Referer: https://fonts.googleapis.com/

Response headers

age: 272425
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 07:16:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 07:16:19 GMT
last-modified: Thu, 24 Aug 2023 20:48:16 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11796
x-xss-protection: 0
server: sffe

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 147ms
55ms Font
font/woff2 2607:f8b0:400d:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://wibuh.com
Referer: https://fonts.googleapis.com/

Response headers

age: 254760
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 12:10:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 12:10:44 GMT
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50296
x-xss-protection: 0
server: sffe

GET
H3 200 Manga-My-Hero-Academia-Chapter-383-Bahasa-Indonesia-All-Spoiler-280x210.png
wibuh.com/wp-content/uploads/2023/03/ 107 KB
108 KB 41ms
40ms Image
image/png 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/03/Manga-My-Hero-Academia-Chapter-383-Bahasa-Indonesia-All-Spoiler-280x210.png

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9699dd24938aa5663b5d42b4852b89be2cd99470131d0f9fd2b2217066895a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YV6kDZUxVW8GMkPDvSWT8EnYQtIua0HNDPZDS3F4V4LLtzBvDGoKOX7JnZtUAFaWsbSrPfBfktgui9uk%2BUie%2Bdqzw0Ec0DUdR6qavkbokcZg2ncSeoFSsJ0crOyvEeIG89FH%2Bhmmw1A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39395&min_rtt=23844&rtt_var=12223&sent=322&recv=107&lost=0&retrans=0&sent_bytes=330614&recv_bytes=19342&delivery_rate=1319168&cwnd=99300&unsent_bytes=0&cid=d293e49841621d19&ts=2828&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: image/png
last-modified: Thu, 23 Mar 2023 12:41:10 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea3a0f78-EWR
accept-ranges: bytes
content-length: 110054
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 vamp1-280x210.webp
wibuh.com/wp-content/uploads/2023/02/ 21 KB
22 KB 1097ms
1094ms Image
image/webp 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/02/vamp1-280x210.webp

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

053de0a34eb1ab9a67d7ed0fc5f0a19b35dd8c3cfb3d43adceb731bb26bea35b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygPut8UiHdmsh8M9IThJfGvnhRt5F5mwq7UG3qxK5jL1UeStwayehiY78RZ6gwvCKgzG5NabQuCl0kSS8F%2FQ3qqXdL4ldj0j1sfC58XI1SjrSolugVSLDin4Mq2TNktt9y9popXUBZc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32633&min_rtt=23844&rtt_var=6879&sent=661&recv=149&lost=0&retrans=0&sent_bytes=715267&recv_bytes=21242&delivery_rate=400174&cwnd=208800&unsent_bytes=0&cid=d293e49841621d19&ts=3882&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: image/webp
last-modified: Tue, 21 Feb 2023 14:34:06 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea3c0f78-EWR
accept-ranges: bytes
content-length: 21558
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 suk1-280x210.jpg
wibuh.com/wp-content/uploads/2023/02/ 19 KB
20 KB 47ms
43ms Image
image/jpeg 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/02/suk1-280x210.jpg

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e03cf0e9c201255a9e5cd40de95bb68f9ef2759f5ee64fbfc0238b4bbdba1b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LGLJqOfjCvnJEzmoo%2BRwdO3n8CYiaLaGHe%2BBpN5m%2B23%2FW5Vh4XZJX4zqnpCw%2BZidsf%2BxproOhqxpU0ysbGq1RsvaZKbEd8jN9oZvkzZuC1YZ2lRtA3sx91lmKAeB4%2BNwZibUjX4GtL0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41555&min_rtt=23844&rtt_var=10626&sent=371&recv=109&lost=0&retrans=0&sent_bytes=387906&recv_bytes=19432&delivery_rate=1493242&cwnd=104400&unsent_bytes=0&cid=d293e49841621d19&ts=2829&x=1", cfExtPri, cfHdrFlush;dur=2
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: image/jpeg
last-modified: Tue, 21 Feb 2023 13:20:24 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea3d0f78-EWR
accept-ranges: bytes
content-length: 19934
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 suku1-280x210.jpg
wibuh.com/wp-content/uploads/2023/02/ 19 KB
20 KB 44ms
40ms Image
image/jpeg 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/02/suku1-280x210.jpg

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fef5a7b6a22a570a9ec6221ea92ce23e360c15924085d7c83cabe27919150c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPMJ5qsp5euyCp%2B2BadUQ82m7GMaeT85vobxrZlGz1fPYWpVPvnboHTD5joP1WUsjuNEBXE6bTJXRr1vQfY4u7hVfMmmuBYzJ6jAGPqCeRL3IZ9vZGZLPAtjZJIt%2B6yHoaO7dWfwzwQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39395&min_rtt=23844&rtt_var=12223&sent=348&recv=107&lost=0&retrans=0&sent_bytes=361813&recv_bytes=19342&delivery_rate=1319168&cwnd=99300&unsent_bytes=0&cid=d293e49841621d19&ts=2829&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: image/jpeg
last-modified: Tue, 21 Feb 2023 13:09:37 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea3e0f78-EWR
accept-ranges: bytes
content-length: 19640
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 Review-Anime-Otonari-no-Tenshi-sama-Kisah-Kebersamaan-Bareng-Pacar-280x210.jpg
wibuh.com/wp-content/uploads/2023/04/ 11 KB
12 KB 1127ms
1123ms Image
image/jpeg 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/04/Review-Anime-Otonari-no-Tenshi-sama-Kisah-Kebersamaan-Bareng-Pacar-280x210.jpg

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

566aa4e9bc6202729822728d29cbffe22d54a0c588ba79ca403ba71eb48c6c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bLTOOQ7yzq%2B1qVCOx0gOOeFavR9ErcjhD9Dyp41SJp7GrBpu5YPEndlvJ2NYcESrQxNqR%2FEOWfXIgj4XMIljFliVjmmnwQ6PbWlJtV%2BHAFHkOWq2qvDRUzGsM1nFWJ2qINw1Kb7RcOg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31336&min_rtt=23844&rtt_var=6062&sent=681&recv=151&lost=0&retrans=0&sent_bytes=738110&recv_bytes=21330&delivery_rate=870859&cwnd=208800&unsent_bytes=0&cid=d293e49841621d19&ts=3913&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: image/jpeg
last-modified: Sun, 02 Apr 2023 07:59:46 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea400f78-EWR
accept-ranges: bytes
content-length: 11281
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 gan1-280x210.jpg
wibuh.com/wp-content/uploads/2023/02/ 18 KB
18 KB 66ms
62ms Image
image/jpeg 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/02/gan1-280x210.jpg

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86bfffe981f72bc2724d8ec484a12f3abdb65ac8e75644a3072d793a83627155

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CUsZmDWo4srkx3LOVFDUh0Gd4RNISB%2Fp367FABdeWMQMzjfNORyKE0%2Fgbxm54YKh1sYbRpDWFR6PZxMW2E1YQb8zGOfHQtU45ibTPAB7tTLmCeNDMqmps7nTvFDHYNVc%2F5Da2%2F5m%2Bw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42431&min_rtt=23844&rtt_var=6172&sent=407&recv=112&lost=0&retrans=0&sent_bytes=428929&recv_bytes=19568&delivery_rate=1596848&cwnd=112500&unsent_bytes=0&cid=d293e49841621d19&ts=2847&x=1", cfExtPri, cfHdrFlush;dur=5
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: image/jpeg
last-modified: Sun, 26 Feb 2023 11:22:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea440f78-EWR
accept-ranges: bytes
content-length: 18001
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 to1-280x210.jpg
wibuh.com/wp-content/uploads/2023/02/ 13 KB
14 KB 48ms
45ms Image
image/jpeg 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/02/to1-280x210.jpg

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f035218191e1c18890700da183ddb31272d3b93eef34459f8129e899e3c0b208

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFjKXwCkKqb%2FvrNI7EXDVBlN57lGl9Jgv0Rl5L3XNXP4J8ltDZTaqyaiDcJ4adtfYoeH2Ibq270hSEXnBFhPjJy8BE4Zm93RFkpEcA72ZnR1TUjFG%2F3d6WcT%2FuSCz0JKgHEVLlkAizw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41555&min_rtt=23844&rtt_var=10626&sent=371&recv=109&lost=0&retrans=0&sent_bytes=387906&recv_bytes=19432&delivery_rate=1493242&cwnd=104400&unsent_bytes=0&cid=d293e49841621d19&ts=2830&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: image/jpeg
last-modified: Tue, 14 Feb 2023 20:14:42 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea460f78-EWR
accept-ranges: bytes
content-length: 13341
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 Review-Nonton-Kage-no-Jitsuryokusha-Eminence-in-Shadow-Isekai-Fall-2022-280x210.jpeg
wibuh.com/wp-content/uploads/2023/02/ 16 KB
17 KB 47ms
44ms Image
image/jpeg 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/02/Review-Nonton-Kage-no-Jitsuryokusha-Eminence-in-Shadow-Isekai-Fall-2022-280x210.jpeg

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23e47ed4ac89ef31b0aa01649c6244f112c1f07d166c193a2394e2409d7a7908

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtgaSbOVnEV%2FfQbFMIAKEIYi78dj91907PwLu%2FhVRjiMtm3Muy5XqahmHRbpwUmptGWO4JL3TfogJ1G8NcbQlXjog%2FKw7zMRHNcuZSO2RSo28g8nVOhx6P8vk6eVePlxOsFrmYP88YQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41555&min_rtt=23844&rtt_var=10626&sent=371&recv=109&lost=0&retrans=0&sent_bytes=387906&recv_bytes=19432&delivery_rate=1493242&cwnd=104400&unsent_bytes=0&cid=d293e49841621d19&ts=2830&x=1", cfExtPri, cfHdrFlush;dur=1
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: image/jpeg
last-modified: Sun, 12 Feb 2023 19:27:39 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea480f78-EWR
accept-ranges: bytes
content-length: 16296
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 hika3-280x210.jpg
wibuh.com/wp-content/uploads/2023/01/ 26 KB
27 KB 50ms
47ms Image
image/jpeg 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/01/hika3-280x210.jpg

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04d47cc810feaae339079326ce1c82092993c411613e06c3698c69e830044fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2BrzQR0ZteM0DOwWhXHvVITKb5cysQVaNF1d4y%2BVgytDrRlNtO7MLmubpX50NKFL0L6tFTmoXN7o01mfOlQjjrUcEWVGC6qYaPmUEYE6mgsgyWomC6gzl9CJ11p%2FIb1YWkRD6B%2BCG%2Fs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41555&min_rtt=23844&rtt_var=10626&sent=371&recv=109&lost=0&retrans=0&sent_bytes=387906&recv_bytes=19432&delivery_rate=1493242&cwnd=104400&unsent_bytes=0&cid=d293e49841621d19&ts=2830&x=1", cfExtPri, cfHdrFlush;dur=7
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: image/jpeg
last-modified: Tue, 10 Jan 2023 08:57:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea490f78-EWR
accept-ranges: bytes
content-length: 27044
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 Kage-no-Jitsuryokusha-Eminence-in-Shadow-Season-2-280x210.jpg
wibuh.com/wp-content/uploads/2023/03/ 15 KB
16 KB 1009ms
1005ms Image
image/jpeg 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/03/Kage-no-Jitsuryokusha-Eminence-in-Shadow-Season-2-280x210.jpg

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f077d095b6b04c0998513f4a6573f93e7746dfb40054a2c0720c506d1f9d652

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5N5MwPkZGGUgLvoZrUrujCY7z2EmMn7%2FDb3cTQ6N0wqoWFrkWcjPt5MuSVwQuKfJe22Mne%2BY6lDf89Pl3iNxB%2FMniuqd0AHjtoDF1muTzo%2FiBHWxz0dD3%2Fn4H7ult0YeWp4qLjut1E%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36269&min_rtt=23844&rtt_var=5407&sent=631&recv=145&lost=0&retrans=0&sent_bytes=683739&recv_bytes=21065&delivery_rate=1878146&cwnd=208800&unsent_bytes=0&cid=d293e49841621d19&ts=3794&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: image/jpeg
last-modified: Thu, 09 Mar 2023 07:35:46 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea4a0f78-EWR
accept-ranges: bytes
content-length: 15732
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 worst1-280x210.jpg
wibuh.com/wp-content/uploads/2023/02/ 20 KB
20 KB 66ms
62ms Image
image/jpeg 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/02/worst1-280x210.jpg

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cb5601fc93651f740c92a275a0890552f9fbbee48486800c3a756738ebce4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TRj56FMFXsrb21hLf9368OBV1lfDNH0PbZqDPLFD8XWLYvrnnS7Dm4pXbFav8Jp0tAcW9Y3hPX4w0lAXLrhoVpYt8o6GEpXAnSRUiDTOEXv%2BsFrLihD1xfPu83PuSES2YpqQxJrngwo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42532&min_rtt=23844&rtt_var=7960&sent=396&recv=111&lost=0&retrans=0&sent_bytes=416414&recv_bytes=19522&delivery_rate=1426467&cwnd=110100&unsent_bytes=0&cid=d293e49841621d19&ts=2832&x=1", cfExtPri, cfHdrFlush;dur=20
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: image/jpeg
last-modified: Mon, 27 Feb 2023 07:10:53 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea4c0f78-EWR
accept-ranges: bytes
content-length: 20083
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 blue-280x210.webp
wibuh.com/wp-content/uploads/2023/02/ 21 KB
21 KB 69ms
65ms Image
image/webp 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wibuh.com/wp-content/uploads/2023/02/blue-280x210.webp

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbf35e3e0752c19afce9d00274db02cbb30ceebeb690e4e6b485d36d31428de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

cf-cache-status: HIT
age: 175099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cB6lNE36jP4YJdGaG5J%2Fo8AYF5de9GiVFX4Akwc4wdO4dQWt8wj0T%2FF6ttRZCJ2wm5AQRokjT1bQUbiWajwsC0Xw870oFS5BnfD80%2FMlwOIZlYoUL%2Bcy9dWRSnEG2hAlIdXWzf4tc2I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42532&min_rtt=23844&rtt_var=7960&sent=396&recv=111&lost=0&retrans=0&sent_bytes=416414&recv_bytes=19522&delivery_rate=1426467&cwnd=110100&unsent_bytes=0&cid=d293e49841621d19&ts=2832&x=1", cfExtPri, cfHdrFlush;dur=23
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: image/webp
last-modified: Wed, 22 Feb 2023 08:46:58 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f25e8a3ea4d0f78-EWR
accept-ranges: bytes
content-length: 21014
x-turbo-charged-by: LiteSpeed
server: cloudflare

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
430 B 39ms
38ms XHR
text/plain 2607:f8b0:4004:c17::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=15615236&t=pageview&_s=1&dl=https%3A%2F%2Fwibuh.com%2Featc%2F%3Fqbot.zip&ul=en-us&de=UTF-8&dt=Laman%20tidak%20ditemukan%20-%20Wibuh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2010864804&gjid=736162233&cid=729795016.1734260204&tid=UA-204217640-1&_gid=696823396.1734260204&_r=1&_slc=1&z=592409484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2ae9f79cca5167b42c696e086e288394835a6523b2ee5b9dfaf77db11151323f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://wibuh.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:44 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://wibuh.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 492 KB
153 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: br
etag: 5395541545685299795
age: 81227
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 12:22:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 14 Dec 2024 12:22:57 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156760
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 79ms
78ms Other
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: wibuh.com
URL: https://wibuh.com/eatc/?qbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 18183
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 05:53:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 15 Dec 2024 05:53:41 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
97 KB 180ms
75ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L1DBY9CSNV&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

712f7eacd30bad1936384056becd79f91ac511849db17cdeaf8d52b0e05b3116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 15 Dec 2024 10:56:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98285
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 22697091096 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 166ms
70ms Script
application/javascript 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22697091096?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c81c3f2d1be01c44248214591af694d96dafccfc422cd61c701df03220c32f4b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0RhxsCDxma0QwZ_Rh3Qfjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0ZBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XC8ef1rF5vAhYl75zIpaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGRrpGRjGFxgAAO5hSxs"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0RhxsCDxma0QwZ_Rh3Qfjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 40ms
39ms Fetch
text/plain 2607:f8b0:4004:c17::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-L1DBY9CSNV&gtm=45je4cc1v9108883100za200&_p=1734260204300&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&ul=en-us&sr=1600x1200&cid=729795016.1734260204&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwibuh.com%2Featc%2F%3Fqbot.zip&dt=Laman%20tidak%20ditemukan%20-%20Wibuh&sid=1734260204&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5036
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L1DBY9CSNV&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wibuh.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 AGSKWxUKtzPya0rtflzOGac9fJpmPk6StmjCSBxwqe4GTgmXXY4Hg28qRCNZEKIxUehDbTpXud7yIZ3UbhacAHeOWGd7Qk8wiJNQ0CLYLNAxQj5d45DeVZDUdCVSkrR60WNFbUxiKeXT4w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 56ms
54ms Script
application/javascript 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUKtzPya0rtflzOGac9fJpmPk6StmjCSBxwqe4GTgmXXY4Hg28qRCNZEKIxUehDbTpXud7yIZ3UbhacAHeOWGd7Qk8wiJNQ0CLYLNAxQj5d45DeVZDUdCVSkrR60WNFbUxiKeXT4w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0MjYwMjA0LDcxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93aWJ1aC5jb20vZWF0Yy8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38d29ed002c8c271748b9f8d80a30d4002fbd63e9351050de4a2fad0ee07a23e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-y0SY8r6msSBeGM_JF1Wkqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1JBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XC8ef1rF5vAhtatj5mUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAyNDI30DAzjCwwA8EFLLA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-y0SY8r6msSBeGM_JF1Wkqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 6F17 0
0 139ms
30ms Document
text/html 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wibuh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29117
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 15 Dec 2024 10:30:18 GMT
expires: Sun, 15 Dec 2024 11:20:18 GMT
last-modified: Mon, 09 Dec 2024 20:44:42 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWhgOUQNpnVyWpPENhvOhxZyRnzoNZMcyZzZZB_A6WXWYK0kJnTTTqfgtVOgDS53CHVSbuFx6MAheJat0afxSckoJGnJZxy9S1wpw9dHkqQD6ZPFWiQdFW3UzQSOgQGBlY79ZAJLQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 65ms
65ms Script
application/javascript 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWhgOUQNpnVyWpPENhvOhxZyRnzoNZMcyZzZZB_A6WXWYK0kJnTTTqfgtVOgDS53CHVSbuFx6MAheJat0afxSckoJGnJZxy9S1wpw9dHkqQD6ZPFWiQdFW3UzQSOgQGBlY79ZAJLQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0MjYwMjA0LDc4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd2lidWguY29tL2VhdGMvIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f6dfc816241c69c738c829bd16fddbb1aed73c81033f5b4fd3e3f664cca1b13

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DIXuHmFHdlBWg09xkCuEZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:44 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcLx5_WsXm8CJoys6mZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACnlkYZ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DIXuHmFHdlBWg09xkCuEZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 44ms
44ms Script
application/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"7e91359b46e1da637080a03b759164fa"
age: 3183
expires: Wed, 18 Dec 2024 10:56:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
via: 1.1 google
cf-ray: 8f25e8aa6e0b1906-EWR
server: cloudflare

GET
H3 200 web Show response
onesignal.com/api/v1/sync/58d726b2-7096-4ba3-98c2-5302223ef3df/ 3 KB
2 KB 298ms
227ms Script
text/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/58d726b2-7096-4ba3-98c2-5302223ef3df/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91c9e8125a8c8ec25a5f1dd236f02dc9ad6e0b31c4148a6c47df0e88392b16c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

x-request-id: 7a00cb29-4dbd-4462-8590-bb94f8d3281e
content-encoding: br
cf-cache-status: EXPIRED
etag: W/"91c9e8125a8c8ec25a5f1dd236f02dc9"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 11:56:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.048240
priority: u=3,i=?0
access-control-allow-headers: SDK-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 google
cf-ray: 8f25e8ab9d9b41c6-EWR
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 yzx Show response
fundingchoicesmessages.google.com/f/AGSKWxWsg_ep2sGBF-eVFzUEvSddLaLptqt4jXmmOEwJcjlJw-tCJcGZq894HUoIdGMd-mdCuDoAnMtKOWDdNkhCi1rG_OgDwgHuwaB8_H4mJAttNrVYeptvVZQJWzv_5yXNuZmOKWMTmZ6VpepMnJOJsgFX6DdRH... 54 B
109 B 52ms
51ms Script
application/javascript 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWsg_ep2sGBF-eVFzUEvSddLaLptqt4jXmmOEwJcjlJw-tCJcGZq894HUoIdGMd-mdCuDoAnMtKOWDdNkhCi1rG_OgDwgHuwaB8_H4mJAttNrVYeptvVZQJWzv_5yXNuZmOKWMTmZ6VpepMnJOJsgFX6DdRHMnkYDRTgKHdTOczemJUFJJZnThfIIUo/_/css/ad./yzx?.com/adz//getfeaturedadsforshow./js_ads_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87921e2ef14e9ec19c5ab1279caa35111aba74ceca8736601abc9342c1fc5078

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OYnd2OVv6mNegzOw56_y4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcLx9_WsXm0DD2QOvGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDAC0aUZX"
content-security-policy: script-src 'report-sample' 'nonce-OYnd2OVv6mNegzOw56_y4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
53 KB 54ms
54ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0433e7cb8f0a277985beb67c65acc50707af4d114dee201ae958a7ac886cc76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: br
etag: 18306395594154459120
x-content-type-options: nosniff
expires: Sun, 15 Dec 2024 10:56:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53907
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWw5TbrEawX-erLD46sscrn1soeyH8cQ3lMMUxbSxtZiYf-BODSr4Pxm2p7J9HENESozcZ6LIMMpl5ByDokFqjWq1-8DCkXEy-SJDrznldgOng6cyCYMRfmZxWM7o2yLEq4BqyZLg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 126ms
52ms XHR
text/html 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWw5TbrEawX-erLD46sscrn1soeyH8cQ3lMMUxbSxtZiYf-BODSr4Pxm2p7J9HENESozcZ6LIMMpl5ByDokFqjWq1-8DCkXEy-SJDrznldgOng6cyCYMRfmZxWM7o2yLEq4BqyZLg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DXecG2-8nl7EnrSdkm5Txg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://wibuh.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfj7etfu9gENvR39TMpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDI0MjPQOz-AIDABINKxw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DXecG2-8nl7EnrSdkm5Txg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://wibuh.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWw5TbrEawX-erLD46sscrn1soeyH8cQ3lMMUxbSxtZiYf-BODSr4Pxm2p7J9HENESozcZ6LIMMpl5ByDokFqjWq1-8DCkXEy-SJDrznldgOng6cyCYMRfmZxWM7o2yLEq4BqyZLg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 74ms
52ms XHR
text/html 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWw5TbrEawX-erLD46sscrn1soeyH8cQ3lMMUxbSxtZiYf-BODSr4Pxm2p7J9HENESozcZ6LIMMpl5ByDokFqjWq1-8DCkXEy-SJDrznldgOng6cyCYMRfmZxWM7o2yLEq4BqyZLg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GsBY_KlMctuTTWQxc80OGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://wibuh.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfj7etfu9gEFvR86WVScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGACcZK2o"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GsBY_KlMctuTTWQxc80OGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://wibuh.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWw5TbrEawX-erLD46sscrn1soeyH8cQ3lMMUxbSxtZiYf-BODSr4Pxm2p7J9HENESozcZ6LIMMpl5ByDokFqjWq1-8DCkXEy-SJDrznldgOng6cyCYMRfmZxWM7o2yLEq4BqyZLg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
48ms XHR
text/html 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWw5TbrEawX-erLD46sscrn1soeyH8cQ3lMMUxbSxtZiYf-BODSr4Pxm2p7J9HENESozcZ6LIMMpl5ByDokFqjWq1-8DCkXEy-SJDrznldgOng6cyCYMRfmZxWM7o2yLEq4BqyZLg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iCvCVz7orALNwJkBXa7Tug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://wibuh.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfj7etfu9gEDjz7NJVJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAABOyyvw"
content-security-policy: script-src 'report-sample' 'nonce-iCvCVz7orALNwJkBXa7Tug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://wibuh.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWw5TbrEawX-erLD46sscrn1soeyH8cQ3lMMUxbSxtZiYf-BODSr4Pxm2p7J9HENESozcZ6LIMMpl5ByDokFqjWq1-8DCkXEy-SJDrznldgOng6cyCYMRfmZxWM7o2yLEq4BqyZLg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 48ms
47ms XHR
text/html 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWw5TbrEawX-erLD46sscrn1soeyH8cQ3lMMUxbSxtZiYf-BODSr4Pxm2p7J9HENESozcZ6LIMMpl5ByDokFqjWq1-8DCkXEy-SJDrznldgOng6cyCYMRfmZxWM7o2yLEq4BqyZLg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sB9MFXuRq4E-Z_HyMNOIWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://wibuh.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfj7etfu9gEDsx5OJVJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAA0jiuV"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sB9MFXuRq4E-Z_HyMNOIWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://wibuh.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXpnjM3TDiEAokKTMfKFm-MU7hBf-o8qwmrG_ldphN0TJBVibRQygoRdyLvSQYbRil0Oiw8Y8hOZMxS_tJtL1BySzqvUN8YjPwN11NiooaBek3Z8ppv-oiU41f74Jj-RWCzXWZAZA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 54ms
53ms Script
application/javascript 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXpnjM3TDiEAokKTMfKFm-MU7hBf-o8qwmrG_ldphN0TJBVibRQygoRdyLvSQYbRil0Oiw8Y8hOZMxS_tJtL1BySzqvUN8YjPwN11NiooaBek3Z8ppv-oiU41f74Jj-RWCzXWZAZA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0MjYwMjA1LDU1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93aWJ1aC5jb20vZWF0Yy8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57192332be8bce0835ee6195942af96b69343b04d530ce4b1c08e374c0064fda

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xrm8wPd9nHNuKHcMZYb5Dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcLx9_WsXm8CHnSdnMClpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAs-lGYw"
content-security-policy: script-src 'report-sample' 'nonce-xrm8wPd9nHNuKHcMZYb5Dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxV8t5OJIY9Xn8UTGORsKOGrlNRZsl_HsrhWL8pXksmVb5eCBE1YWpNUfAB04Qs73IQ9cS3ixHZ6UKEHIt0d0Y31S3m55lTzQWXGqHU5xRcV3kFaDhw2Gu0AnMqwrMGdzip29LLRUA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 60ms
59ms XHR
text/html 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV8t5OJIY9Xn8UTGORsKOGrlNRZsl_HsrhWL8pXksmVb5eCBE1YWpNUfAB04Qs73IQ9cS3ixHZ6UKEHIt0d0Y31S3m55lTzQWXGqHU5xRcV3kFaDhw2Gu0AnMqwrMGdzip29LLRUA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MlMEomEm0cMZ85krdjGPcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://wibuh.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1ZBiWMy_i8kpfQZrEBB_qL_M-gOIGb5eYeUAYiEejrevf-1iE-hY824bk5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTQyNNIzMIsvMAAA1k4tBA"
content-security-policy: script-src 'report-sample' 'nonce-MlMEomEm0cMZ85krdjGPcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://wibuh.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 404 favicon.ico
wibuh.com/ 796 B
1 KB 800ms
799ms Other
text/html 2606:4700:3036::ac43:b8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wibuh.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:b8b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/eatc/?qbot.zip

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvpoIc8IZBoBXjiIcSg6WBoE7273T7VmXSFB7z2uMlmn%2BEuAjFpGKjZN2BwO4kNB9PMrxkq%2BC%2BMfstVzw3L1P7VEHfUQStlTCiEFJmgY0lAD0U5%2BLAu89srWS5%2FNX2yJgLagO%2BgD6dI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30651&min_rtt=23844&rtt_var=4600&sent=693&recv=154&lost=0&retrans=0&sent_bytes=750456&recv_bytes=22039&delivery_rate=432971&cwnd=208800&unsent_bytes=0&cid=d293e49841621d19&ts=5088&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 15 Dec 2024 10:56:46 GMT
content-type: text/html
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8f25e8ad38580f78-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 41ms
41ms Stylesheet
text/css 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://wibuh.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
age: 2955
expires: Tue, 14 Jan 2025 10:56:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 15 Dec 2024 10:56:45 GMT
content-type: text/css
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=2592000
via: 1.1 google
cf-ray: 8f25e8ad4ea941c6-EWR
server: cloudflare

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wibuh.com/eatc	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
wibuh.com/	1970-01-21 01:45:46	Name: quadsAllowedCookie Value: 2
.onesignal.com/	1970-01-21 01:44:22	Name: __cf_bm Value: HgFDGgr7jQNsT7p4Vw70iJA9pX.2pOM2r.P.YyuR4fc-1734260204-1.0.1.1-oT_S7iqpPvD4TB0GMhvGljS3vZgxGrHBvHMkF8IwWxvrjQS2o7v_lram3p8cvyz4_PL57I.xU.9KhHyrugK3oQ
.wibuh.com/	1970-01-21 11:20:20	Name: _ga Value: GA1.2.729795016.1734260204
.wibuh.com/	1970-01-21 01:45:46	Name: _gid Value: GA1.2.696823396.1734260204
.wibuh.com/	1970-01-21 01:44:20	Name: _gat Value: 1
.wibuh.com/	1970-01-21 11:20:20	Name: _ga_L1DBY9CSNV Value: GS1.2.1734260204.1.0.1734260204.0.0.0
.wibuh.com/	1970-01-21 10:29:56	Name: FCNEC Value: %5B%5B%22AKsRol8lTow95KXeaVNAYp8HmeRjVzsuzA_RhZzEH5qmbD3nLPgCCsacCOE05O0rynz1JmXJPHilF6Rpn0AZRLSgs_ZwA5ZHUQ7WWxvll9kqACJ0luydlGqsbDLiwkfHN7Mf56mUQAG_4iJCD95RK9z5HjRmml2QQA%3D%3D%22%5D%5D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wibuh.com/eatc/?qbot.zip Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://wibuh.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
onesignal.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
wibuh.com
www.google-analytics.com
www.googletagmanager.com
2606:4700:3036::ac43:b8b5
2606:4700::6811:6fdf
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::71
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c1b::9a
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1f::65
2607:f8b0:400d:c00::5e
0433e7cb8f0a277985beb67c65acc50707af4d114dee201ae958a7ac886cc76e
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
053de0a34eb1ab9a67d7ed0fc5f0a19b35dd8c3cfb3d43adceb731bb26bea35b
0ad1d672f200808c52abf20121de041de3f5599bd3663910a53f4c5ebcc76832
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0db80125881ba1f8798c8dccc4179650a745f6655369263e7199d6efab13c68a
0ded70ae93441c74670878eede2c328aa76419e66c7f5b0a11ad984e273ec56d
0f6dfc816241c69c738c829bd16fddbb1aed73c81033f5b4fd3e3f664cca1b13
1b689ea107bff2003a22621ce7681945bc4f3da4a52bf63eb3ecb97d65b758e7
1cb5601fc93651f740c92a275a0890552f9fbbee48486800c3a756738ebce4b8
23e47ed4ac89ef31b0aa01649c6244f112c1f07d166c193a2394e2409d7a7908
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2ae9f79cca5167b42c696e086e288394835a6523b2ee5b9dfaf77db11151323f
2c74749a433528af31be3ae74183a8a942e421f1229197da67268b20a5d09cec
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
38d29ed002c8c271748b9f8d80a30d4002fbd63e9351050de4a2fad0ee07a23e
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4f62b54a19795cb378378578ab458bc1c111ef3b9043a4143224d3ddf59fef04
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
566aa4e9bc6202729822728d29cbffe22d54a0c588ba79ca403ba71eb48c6c67
57192332be8bce0835ee6195942af96b69343b04d530ce4b1c08e374c0064fda
5c128083756cca5e530c120bc15a8770d266c9dabc2ec33c290dcef18e44af65
5e1c1b54360d1df72955d690ee50841244f8441aa4091a34b483d84cc0588cad
5e91dfc248f0772b3da9ffd2b0adfea692e6a273cc7230e2c6c1f2ebbf0dceb5
5f077d095b6b04c0998513f4a6573f93e7746dfb40054a2c0720c506d1f9d652
66e70ec2f6169104428ff479e397e5c515deca007d206097bda23a72b8467036
712f7eacd30bad1936384056becd79f91ac511849db17cdeaf8d52b0e05b3116
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
86bfffe981f72bc2724d8ec484a12f3abdb65ac8e75644a3072d793a83627155
87921e2ef14e9ec19c5ab1279caa35111aba74ceca8736601abc9342c1fc5078
8f333d64b8f38ddee5d21e744c75366b01c4793baf70966c930576ee453252d1
91c9e8125a8c8ec25a5f1dd236f02dc9ad6e0b31c4148a6c47df0e88392b16c2
925ac08767da94992a8a70ec5f3caa616c36e818056aa4cdc27a41fa0f3a1a2a
92fef5a7b6a22a570a9ec6221ea92ce23e360c15924085d7c83cabe27919150c
9699dd24938aa5663b5d42b4852b89be2cd99470131d0f9fd2b2217066895a1c
a04d47cc810feaae339079326ce1c82092993c411613e06c3698c69e830044fe
a818db199bb22276b4aaedf593151e149279ad0c96192ce0647ed4cde7754a2e
aefe1768c16f2f9f09e7188f3bda878a27b2bc8fc68667c490f4ac955ce92a46
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
c0da7f9cf34532c18039e01edad4592923ebb796ad92cf95f6cf2e197d77a76c
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400
c81c3f2d1be01c44248214591af694d96dafccfc422cd61c701df03220c32f4b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cdbf35e3e0752c19afce9d00274db02cbb30ceebeb690e4e6b485d36d31428de
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
d9390a125ab238d13fb736a504428d4f453f5c02cbc7a33ad1dd24c35d16c96b
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4f4f0c20c55fa9b59c139af518439f9a951939bb7c6fb1d365898165a57474
e03cf0e9c201255a9e5cd40de95bb68f9ef2759f5ee64fbfc0238b4bbdba1b77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0cb97ea0f267f09df4685c33349e0f87a361914fbc405f0a38ae6871b2f97c
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
f035218191e1c18890700da183ddb31272d3b93eef34459f8129e899e3c0b208
f0ae798964815b315381b682ceca834cc66b24c91e5736c8243df7f2e7974028
f22e1f643b9b97e06209d51252adb3d407265bf0c269d7392d318b4e1353c8fc
f46f797ed9f372fcf624d6792361bf3223d779cf514e583f17db46b0f5908def

wibuh.com Open in urlscan Pro 2606:4700:3036::ac43:b8b5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

100 %IPv6

9 Domains

10 Subdomains

10 IPs

1 Countries

1441 kBTransfer

3554 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wibuh.com Open in urlscan Pro
2606:4700:3036::ac43:b8b5 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

10
Subdomains

10
IPs

1
Countries

1441 kB
Transfer

3554 kB
Size

8
Cookies

66 HTTP transactions
0 data transactions