Submitted URL: http://0dayfans.com/
Effective URL: https://0dayfans.com/
Submission: On November 27 via manual from ES — Scanned from ES

Summary

This website contacted 17 IPs in 3 countries across 18 domains to perform 30 HTTP transactions. The main IP is 173.236.166.1, located in United States and belongs to DREAMHOST-AS, US. The main domain is 0dayfans.com.
TLS certificate: Issued by R3 on November 15th 2022. Valid for: 3 months.
This is the only time 0dayfans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 173.236.166.1 26347 (DREAMHOST-AS)
8 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.101.128.238 54113 (FASTLY)
2 2 151.101.64.238 54113 (FASTLY)
1 2607:f1c0:100... 8560 (IONOS-AS ...)
1 163.172.4.236 12876 (Online SAS)
2 172.67.71.28 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.208.175.26 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.196.191.243 15169 (GOOGLE)
1 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.199 2635 (AUTOMATTIC)
2 146.148.61.165 396982 (GOOGLE-CL...)
1 34.210.62.107 16509 (AMAZON-02)
1 2606:50c0:800... 54113 (FASTLY)
30 17
Apex Domain
Subdomains
Transfer
8 hackerone-user-content.com
profile-photos.hackerone-user-content.com
115 KB
3 squarespace-cdn.com
images.squarespace-cdn.com — Cisco Umbrella Rank: 6833
840 KB
3 0dayfans.com
0dayfans.com
63 KB
2 praetorian.com
www.praetorian.com
48 KB
2 detectify.com
labs.detectify.com
40 KB
2 mdsec.co.uk
www.mdsec.co.uk
125 KB
2 squarespace.com
static1.squarespace.com — Cisco Umbrella Rank: 7939
792 B
1 xdavidhu.me
bugs.xdavidhu.me
222 KB
1 doyensec.com
blog.doyensec.com
2 KB
1 nccgroup.com
research.nccgroup.com
66 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3604
3 KB
1 talosintelligence.com
talosintelligence.com — Cisco Umbrella Rank: 91362
2 KB
1 ssd-disclosure.com
ssd-disclosure.com
1 blogspot.com
googleprojectzero.blogspot.com — Cisco Umbrella Rank: 554656
796 B
1 synacktiv.com
www.synacktiv.com — Cisco Umbrella Rank: 739371
1 windows-internals.com
windows-internals.com
4 KB
1 chromium.org
bugs.chromium.org — Cisco Umbrella Rank: 326885
852 B
0 portswigger.net Failed
portswigger.net Failed
30 18
Domain Requested by
8 profile-photos.hackerone-user-content.com 0dayfans.com
3 images.squarespace-cdn.com 0dayfans.com
3 0dayfans.com 1 redirects 0dayfans.com
2 www.praetorian.com 0dayfans.com
2 labs.detectify.com 0dayfans.com
2 www.mdsec.co.uk 0dayfans.com
2 static1.squarespace.com 2 redirects
1 bugs.xdavidhu.me 0dayfans.com
1 blog.doyensec.com 0dayfans.com
1 research.nccgroup.com 0dayfans.com
1 i0.wp.com 0dayfans.com
1 talosintelligence.com 0dayfans.com
1 ssd-disclosure.com 0dayfans.com
1 googleprojectzero.blogspot.com 0dayfans.com
1 www.synacktiv.com 0dayfans.com
1 windows-internals.com 0dayfans.com
1 bugs.chromium.org 0dayfans.com
0 portswigger.net Failed 0dayfans.com
30 18
Subject Issuer Validity Valid
www.0dayfans.com
R3
2022-11-15 -
2023-02-13
3 months crt.sh
profile-photos.hackerone-user-content.com
Amazon
2022-05-16 -
2023-06-14
a year crt.sh
analysis.chromium.org
GTS CA 1D4
2022-10-09 -
2023-01-07
3 months crt.sh
*.squarespace-cdn.com
R3
2022-10-08 -
2023-01-06
3 months crt.sh
*.windows-internals.com
Encryption Everywhere DV TLS CA - G1
2022-09-30 -
2023-10-13
a year crt.sh
www.synacktiv.com
Gandi Standard SSL CA 2
2022-07-12 -
2023-08-12
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-18 -
2023-05-18
a year crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
ssd-disclosure.com
R3
2022-11-27 -
2023-02-25
3 months crt.sh
labs.detectify.com
R3
2022-11-11 -
2023-02-09
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
tls.automattic.com
R3
2022-10-25 -
2023-01-23
3 months crt.sh
www.praetorian.com
R3
2022-10-03 -
2023-01-01
3 months crt.sh
blog.doyensec.com
R3
2022-10-03 -
2023-01-01
3 months crt.sh
bugs.xdavidhu.me
R3
2022-10-23 -
2023-01-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://0dayfans.com/
Frame ID: 2A7024A173E9BD0395A3B0779A944AA1
Requests: 30 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://0dayfans.com/ HTTP 301
    https://0dayfans.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

30
Requests

90 %
HTTPS

35 %
IPv6

18
Domains

18
Subdomains

17
IPs

3
Countries

1532 kB
Transfer

1607 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://0dayfans.com/ HTTP 301
    https://0dayfans.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://static1.squarespace.com/static/5894c269e4fcb5e65a1ed623/58a5b38cb3db2bd67b608658/637d484bbd6d15315428d647/1669219121378/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?format=1500w HTTP 301
  • https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1669154896498-14S7352E5X47TG6YT1DA/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?content-type=image%2Fjpeg
Request Chain 20
  • https://static1.squarespace.com/static/5894c269e4fcb5e65a1ed623/58a5b38cb3db2bd67b608658/6372bce0c67b98581b79d19f/1669396089199/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg?format=1500w HTTP 301
  • https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1668463847109-QCH2ZGMU7EIUV2BLY8JR/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg?format=1500w&content-type=image%2Fjpeg

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
0dayfans.com/
Redirect Chain
  • http://0dayfans.com/
  • https://0dayfans.com/
78 KB
12 KB
Document
General
Full URL
https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.166.1 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-quack.wayne.dreamhost.com
Software
Apache /
Resource Hash
2ef2722e3b8c3a8f1f9f054c65c4a59260bf293c84fb69a2acff1a0b282ce904

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=600
content-encoding
gzip
content-type
text/html
date
Sun, 27 Nov 2022 21:39:53 GMT
etag
"13669-5ee6ba78c10aa-gzip"
expires
Sun, 27 Nov 2022 21:49:53 GMT
last-modified
Sun, 27 Nov 2022 03:50:23 GMT
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
229
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 27 Nov 2022 21:39:53 GMT
Keep-Alive
timeout=5, max=100
Location
https://0dayfans.com/
Server
Apache
0dayfans.png
0dayfans.com/
50 KB
50 KB
Image
General
Full URL
https://0dayfans.com/0dayfans.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.166.1 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-quack.wayne.dreamhost.com
Software
Apache /
Resource Hash
06ffa99303d271bb3187ff293354c9cf034c36f22379fbbc340ce30ea834eed6

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:53 GMT
last-modified
Thu, 14 Oct 2021 02:16:17 GMT
server
Apache
etag
"c76f-5ce46a9ee052a"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
51055
expires
Tue, 27 Dec 2022 21:39:53 GMT
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/F81QA4NLiRgbof5FRQvj1SJG/
9 KB
9 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/F81QA4NLiRgbof5FRQvj1SJG/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
593afcdb6871b6ca758f56e05fd591c0a8c899510b1d6b9f5322cedd3736ad09

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
EPo.jBeqBX2_r6K5rkrzyiGbEQBg6BSc
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1375
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
8717
last-modified
Wed, 07 Sep 2022 10:06:48 GMT
server
AmazonS3
etag
"be9ff4aea10212addbbdab036c52ce5d"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
ektrFxHkRDVVTVfiBSeY5Xl-Ca8GUSmYRbMcnBRaY8vsljbXXGzPSQ==
monorail.ico
bugs.chromium.org/static/images/
5 KB
852 B
Image
General
Full URL
https://bugs.chromium.org/static/images/monorail.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4a479ba20ba3647d60c6ce046c80c9705946caf1133293f5f60a4f96a83c5803

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
content-encoding
gzip
server
Google Frontend
etag
"LEVzHw"
content-type
image/vnd.microsoft.icon
x-cloud-trace-context
3cd9cba8635d207a58343cd041e2d933
cache-control
public, max-age=864000
expires
Wed, 07 Dec 2022 21:39:54 GMT
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/000/007/724/bb067434deef370d6a0b16c2cbbc030b57c75e92_original.png/
26 KB
26 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/000/007/724/bb067434deef370d6a0b16c2cbbc030b57c75e92_original.png/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac6d95f5da44533789a4f4f01a3321ef26c9303c21b446d6ce83b0434b0eefbe

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
42wBKckjJ1vHWn8BmfevBKezcK05U5nP
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
152
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
26361
last-modified
Wed, 07 Sep 2022 10:36:11 GMT
server
AmazonS3
etag
"4197714a118a00cf721cb19f1b31cf08"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
lvKEOxlUBWdN8R4CWg-MBEmMVgzfvrutRf7HAHLbcOw-J6Hk8KzEPg==
favicon.ico
images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/1487670157237-HOXHMI54TA0SZP21OY7C/
604 B
934 B
Image
General
Full URL
https://images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/1487670157237-HOXHMI54TA0SZP21OY7C/favicon.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed3f64e42bd5105f8e2ca81152c9eaf53ce5cdb92405f8ce455d3b2901472725

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits
271, 1
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
461377
x-cache
HIT, HIT
content-length
604
x-served-by
cache-iad-kcgs7200059-IAD, cache-mad22041-MAD
x-timer
S1669585194.061856,VS0,VE11
etag
CKOwjvzFiusCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg
images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1669154896498-14S7352E5X47TG6YT1DA/
Redirect Chain
  • https://static1.squarespace.com/static/5894c269e4fcb5e65a1ed623/58a5b38cb3db2bd67b608658/637d484bbd6d15315428d647/1669219121378/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?format=1500w
  • https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1669154896498-14S7352E5X47TG6YT1DA/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?content-type=image%2Fjpeg
559 KB
559 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1669154896498-14S7352E5X47TG6YT1DA/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?content-type=image%2Fjpeg
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Server
151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3d893694a1014649b173c43e04387439566f6f477fa3040e0b103ff18283bba

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits
30, 1
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
365988
x-cache
HIT, HIT
content-length
572020
x-served-by
cache-iad-kiad7000074-IAD, cache-mad22041-MAD
x-timer
S1669585194.085253,VS0,VE4
etag
CL7H0sfmwvsCEAE=
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly

Redirect headers

x-cache-hits
8, 1
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
365988
x-cache
HIT, HIT
x-contextid
FFIuWHqt/Edw44ScC
content-length
0
x-served-by
cache-dfw-kdfw8210095-DFW, cache-mad22020-MAD
pragma
cache
server
Squarespace
x-timer
S1669585194.049804,VS0,VE1
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
location
https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1669154896498-14S7352E5X47TG6YT1DA/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?content-type=image%2Fjpeg
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*, *
tracepoint
Fastly
w-logo-blue-white-bg.png
windows-internals.com/wp-includes/images/
4 KB
4 KB
Image
General
Full URL
https://windows-internals.com/wp-includes/images/w-logo-blue-white-bg.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2a4 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
last-modified
Thu, 11 Jun 2020 00:30:08 GMT
server
Apache
accept-ranges
bytes
etag
"1017-5a7c41014e5cd"
content-length
4119
content-type
image/png
favicon.ico
www.synacktiv.com/en/publications/sites/default/files/
0
0
Image
General
Full URL
https://www.synacktiv.com/en/publications/sites/default/files/favicon.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.4.236 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-4-236.rev.poneytelecom.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

favicon-16x16.png
www.mdsec.co.uk/wp-content/themes/mdsec/img/favicons/
540 B
1 KB
Image
General
Full URL
https://www.mdsec.co.uk/wp-content/themes/mdsec/img/favicons/favicon-16x16.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9254db01e89612f04becdc148d1688da8c8ac3bd21ce6193b9d72e88ffd99352

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6220
cf-polished
origSize=1058
content-length
540
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Jul 2020 08:39:01 GMT
server
cloudflare
etag
"422-5a9c1ce7c6317"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnydBKjJy%2Fykk99bKIJ862DIeZDbJtt7HB2mDJLPXFRkpCdCCMTUpqup3ZGvK%2FU9LwdGScNUxvwKropYth4fcV460q%2BRXHjq5nRZEJ%2F4RWA%2BbkJJd%2BW6hpJ8PyvOxygAyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770e04e87b48244a-ATL
tim-van-der-kuip-CPs2X8JYmS8-unsplash.jpg
www.mdsec.co.uk/wp-content/uploads/2019/11/
123 KB
124 KB
Image
General
Full URL
https://www.mdsec.co.uk/wp-content/uploads/2019/11/tim-van-der-kuip-CPs2X8JYmS8-unsplash.jpg
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d26a90e6a0f0bca579c50d8a55423f6ccb64cfe9a1777342f1abc05371dc2a04

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6220
cf-polished
degrade=85, origSize=145768
content-length
126260
cf-bgj
imgq:85,h2pri
last-modified
Sat, 27 Jun 2020 19:10:21 GMT
server
cloudflare
etag
"23968-5a91593bc2063"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BAJy9W0OV6cFfPkhJy0qKh9EE%2Bab3ppPTCHA0eZ1pH0YEdVIWjdhzV2WvO4YVEhJL3pPWKX4uOPnPdKqFU5yJvf8M%2BpivWa2fOsYM2pdT%2BQK6SqGG6Vh9BXBazT8S8oxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
770e04e87b4e244a-ATL
favicon.ico
googleprojectzero.blogspot.com/
4 KB
796 B
Image
General
Full URL
https://googleprojectzero.blogspot.com/favicon.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 27 Nov 2022 11:13:51 GMT
server
GSE
etag
W/"08b946aba2287897ff59ecc7e330e24ecc528c1f5d3f8abfb464a0220de0342e"
content-type
image/x-icon
cache-control
private, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
412
x-xss-protection
1; mode=block
expires
Sun, 27 Nov 2022 21:39:54 GMT
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/gbogkyyks4yd3ljs0znnj8j5uj4z/
1 KB
2 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/gbogkyyks4yd3ljs0znnj8j5uj4z/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
563b4ae747fb654828723bae95da3166853853ddfa3e3c87c31c2bc395d5dcd6

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
6C2gTaAomJHHEanIybbKR3Uzj9CV4qyk
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
151
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1403
last-modified
Wed, 14 Sep 2022 06:07:35 GMT
server
AmazonS3
etag
"81333b1a7e6274e5304e37c29effbd23"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
jdWGv0d4fv7OxAMP1xDcpQ6F0m-ZO39YqTOwoaUX9CHJn-MicH9YMQ==
OnlytheD-icon.png
ssd-disclosure.com/wp-content/uploads/2020/01/
0
0
Image
General
Full URL
https://ssd-disclosure.com/wp-content/uploads/2020/01/OnlytheD-icon.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.175.26 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.175.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

favicon-01f90f6b94ec4cceb73079603f6ae4329ac68a00d055125fd7e998b2ce4d5556.ico
talosintelligence.com/assets/favicons/
15 KB
2 KB
Image
General
Full URL
https://talosintelligence.com/assets/favicons/favicon-01f90f6b94ec4cceb73079603f6ae4329ac68a00d055125fd7e998b2ce4d5556.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c9b25776778ff43873cf5ebde2e1ffcd0747ad1042ac5a5306cdde3ffca8cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 spaces-router (1ee3716bf5eb)
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 15:41:15 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
3510
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
content-encoding
br
cache-control
public, max-age=7200
cf-ray
770e04e8987669f1-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 27 Nov 2022 23:39:54 GMT
favicon.ico
labs.detectify.com/wp-content/themes/detectify2.0.5/
1 KB
926 B
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/favicon.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b3e83faeaebc9034cd9a31b47bf067a364d543f12ae387e07e541361d2e0d30a

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
W/"62751ac0-47e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=31536000
docker-automation.png
labs.detectify.com/wp-content/uploads/2022/11/
38 KB
39 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/uploads/2022/11/docker-automation.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4a39554cff17ec3237e6ab6b1f5c31a5ffc6f7e3e7575bf63072b362017b5068

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
last-modified
Mon, 21 Nov 2022 15:30:15 GMT
server
nginx
etag
"637b9987-99b3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
39347
cropped-Gwl5Lrim_400x400-1.jpg
i0.wp.com/research.nccgroup.com/wp-content/uploads/2020/07/
2 KB
3 KB
Image
General
Full URL
https://i0.wp.com/research.nccgroup.com/wp-content/uploads/2020/07/cropped-Gwl5Lrim_400x400-1.jpg?fit=192%2C192&ssl=1
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ad8d0b0bf23676acf0b9b112a101d7d58281f8d9c7de415c02069ade5d7cc322
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc
HIT mad 6
date
Sun, 27 Nov 2022 21:39:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 15:15:17 GMT
server
nginx
etag
"98532f0c644d50aa"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://research.nccgroup.com/wp-content/uploads/2020/07/cropped-Gwl5Lrim_400x400-1.jpg>; rel="canonical"
content-length
2414
expires
Fri, 07 Apr 2023 03:15:17 GMT
DCD_WRITE_seq.png
research.nccgroup.com/wp-content/uploads/2022/11/
66 KB
66 KB
Image
General
Full URL
https://research.nccgroup.com/wp-content/uploads/2022/11/DCD_WRITE_seq.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.199 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67ee77f8efc0ddea41e621b7cc5814dafe61ba830ccf7316a63074060e814e4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
strict-transport-security
max-age=31536000
x-ac
3.mad _atomic_dca BYPASS
last-modified
Mon, 07 Nov 2022 17:19:20 GMT
server
nginx
etag
"63693e18-106fe"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
67326
expires
Sun, 04 Dec 2022 21:39:54 GMT
cropped-Praetorian-Favicon-192x192.png
www.praetorian.com/wp-content/uploads/2021/01/
17 KB
17 KB
Image
General
Full URL
https://www.praetorian.com/wp-content/uploads/2021/01/cropped-Praetorian-Favicon-192x192.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.61.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
77760f63b467020b2e8c3cf855b21939850b7515c1060a75251de84f98b71ed4
Security Headers
Name Value
Content-Security-Policy frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
content-security-policy
frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
last-modified
Mon, 22 Mar 2021 21:57:06 GMT
server
nginx
etag
"605912b2-4265"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16997
Praetorian_OG.jpg
www.praetorian.com/wp-content/uploads/2021/01/
31 KB
31 KB
Image
General
Full URL
https://www.praetorian.com/wp-content/uploads/2021/01/Praetorian_OG.jpg
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.61.165 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.61.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
38041addf6bbaa7665d467f7279f3b2c63de23b3b8a946f07cd015b830c71d75
Security Headers
Name Value
Content-Security-Policy frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 21:39:54 GMT
content-security-policy
frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
last-modified
Wed, 01 Jun 2022 22:44:03 GMT
server
nginx
etag
"6297ebb3-7a70"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
31344
box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg
images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1668463847109-QCH2ZGMU7EIUV2BLY8JR/
Redirect Chain
  • https://static1.squarespace.com/static/5894c269e4fcb5e65a1ed623/58a5b38cb3db2bd67b608658/6372bce0c67b98581b79d19f/1669396089199/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg...
  • https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1668463847109-QCH2ZGMU7EIUV2BLY8JR/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg?format=1500w&content-typ...
280 KB
280 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1668463847109-QCH2ZGMU7EIUV2BLY8JR/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg?format=1500w&content-type=image%2Fjpeg
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Server
151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95962718cdbe012aa14ede782b5821b8534f10df16982c71e367e71728d1e41d

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits
60, 1
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
362474
x-cache
HIT, HIT
content-length
286925
x-served-by
cache-iad-kcgs7200141-IAD, cache-mad22041-MAD
x-timer
S1669585194.480065,VS0,VE3
etag
CKiK+5fYrvsCEAE=
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly

Redirect headers

x-cache-hits
112, 1
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
186567
x-cache
HIT, HIT
x-contextid
a0mMYth6/q7cid1BN
content-length
0
x-served-by
cache-dfw-kdfw8210128-DFW, cache-mad22020-MAD
pragma
cache
server
Squarespace
x-timer
S1669585194.442685,VS0,VE8
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
location
https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1668463847109-QCH2ZGMU7EIUV2BLY8JR/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg?format=1500w&content-type=image%2Fjpeg
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*, *
tracepoint
Fastly
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/000/000/041/a819f0d518a4854df667be26210167805f38a6a4_original.png/
10 KB
10 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/000/000/041/a819f0d518a4854df667be26210167805f38a6a4_original.png/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5c273801890ac84e2bd94f6abb1d159b21a01f2277de29280c2fc5d50115d10

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
EPOe7KA.MAZEdQ8XBrF_dwHK0a2wqNye
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
150
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
9852
last-modified
Wed, 07 Sep 2022 11:46:52 GMT
server
AmazonS3
etag
"52b04e71bc03d6fb9c883f68b293e821"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
0tfB8FBjhIjbkjLGRmcK-7djAloME7PVdhprUvLIDi-xinB5MfwiYw==
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/f0hovtq73f9ap815a0r1w42bocp4/
7 KB
7 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/f0hovtq73f9ap815a0r1w42bocp4/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
933e00aca47ad3993c20b274cee9437ca33e74bba568114ded7413e905505195

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
kABJcqr431GOekMAularGXy._fMGEP1y
date
Sun, 27 Nov 2022 21:15:42 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1780
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
7112
last-modified
Wed, 07 Sep 2022 10:34:56 GMT
server
AmazonS3
etag
"a30396e70145b423e66d22dceb171bdb"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
zR3wPGYUimI0mMSIFXeEePBAdo9rJvQ_ArWutBPUPGRXq6BZ-Taujg==
favicon.ico
portswigger.net/content/images/logos/
0
0

favicon.ico
blog.doyensec.com/public/images/
766 B
2 KB
Image
General
Full URL
https://blog.doyensec.com/public/images/favicon.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.210.62.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-62-107.us-west-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
506d0182002b5c2a4dd6c3306626b9134c73e10af4397e240a85c0f7d09cf167
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' https://asciinema.org https://www.youtube.com/; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://asciinema.org 'sha256-IfTJ3ylkYUuY050EeYWUukzHhA37rONax4Ajn5RyP9I=' 'sha256-fIbiUf9HBlAZgfz8XWmHCoX4UgpEfkQVgGtS09Khius=' 'sha256-a7aRVd+qYgVU1q/J7IyDSrCB0KYf+gV33uIGU6yfQEk=' 'sha256-mX+MLc5l9PzGBhV5+2N/YtEoycW+8cOqOFxi4hokniw=' 'sha256-y2eEyInA7iERp4AmBy+u4UeISPK8pzHlmlhq+bbiYJk=' 'sha256-y2eEyInA7iERp4AmBy+u4UeISPK8pzHlmlhq+bbiYJk=' 'sha256-4jfMrdVKephIxGBOU0wkku3t/DsIQkkRWyscH84Z5TE=' 'sha256-aRqJzrLIa2GUqGRmKaeQVoClbhbg+q4N+RihxsYC3oM='; connect-src 'self' https://www.google-analytics.com; img-src 'self' https://www.google-analytics.com https://imgs.xkcd.com/; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; form-action 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 21:39:54 GMT
Content-Security-Policy
default-src 'self'; frame-src 'self' https://asciinema.org https://www.youtube.com/; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://asciinema.org 'sha256-IfTJ3ylkYUuY050EeYWUukzHhA37rONax4Ajn5RyP9I=' 'sha256-fIbiUf9HBlAZgfz8XWmHCoX4UgpEfkQVgGtS09Khius=' 'sha256-a7aRVd+qYgVU1q/J7IyDSrCB0KYf+gV33uIGU6yfQEk=' 'sha256-mX+MLc5l9PzGBhV5+2N/YtEoycW+8cOqOFxi4hokniw=' 'sha256-y2eEyInA7iERp4AmBy+u4UeISPK8pzHlmlhq+bbiYJk=' 'sha256-y2eEyInA7iERp4AmBy+u4UeISPK8pzHlmlhq+bbiYJk=' 'sha256-4jfMrdVKephIxGBOU0wkku3t/DsIQkkRWyscH84Z5TE=' 'sha256-aRqJzrLIa2GUqGRmKaeQVoClbhbg+q4N+RihxsYC3oM='; connect-src 'self' https://www.google-analytics.com; img-src 'self' https://www.google-analytics.com https://imgs.xkcd.com/; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; form-action 'self'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Wed, 19 Oct 2022 08:54:00 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2fe-5eb5f598ba1fb"
X-Frame-Options
SAMEORIGIN
Content-Type
image/vnd.microsoft.icon
Connection
close
Accept-Ranges
bytes
Content-Length
766
X-XSS-Protection
1; mode=block
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/000/035/710/c1ae53147a025b33b7c8383200432c8b4a9b839a_original./
41 KB
41 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/000/035/710/c1ae53147a025b33b7c8383200432c8b4a9b839a_original./86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3a20c201413f111c80db3557b390c53647440cb08e77f11bb6dc7b4da46d232

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
tYHlM0BCwb89pekNuDHvTz6x0qVYWUlv
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
150
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
41726
last-modified
Wed, 07 Sep 2022 10:48:27 GMT
server
AmazonS3
etag
"b15946ddf6552f3e0d7728770c4c8d59"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
4HcXJaD3UNHJy85FxTXLspIBKZ81-s5yOunKNOtJ739gGwU_QXjOxA==
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/000/005/044/ba20ca159dad308d753710d2b8ae8dd665a60b80_original.png/
8 KB
8 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/000/005/044/ba20ca159dad308d753710d2b8ae8dd665a60b80_original.png/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47bcb7a4d0be49ce96455854bea56dd5210afdce191fe39ec34d336ba123c848

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
mRyKOm8jFWaUnt8DZz3BXRYy0NYWFHg_
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
150
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
8096
last-modified
Wed, 07 Sep 2022 10:52:58 GMT
server
AmazonS3
etag
"ce2bba43b42e4ec36342432518598aef"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
EC6qF4sbEP0VtNV937PsH5MXBBk4VlZFXcT3OGkfEr3MYdFX_ay_rA==
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/roYPkZznCDFmy4VGkFPnbDrc/
11 KB
11 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/roYPkZznCDFmy4VGkFPnbDrc/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffdfc37a81a587b41d74cefc90d4e6dbbf91a58c4f25354aeefffbfa706ea7d1

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
VKg.kJnwjN0woY8bO1dhNZ_jqWGRLJP2
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
150
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
10986
last-modified
Wed, 07 Sep 2022 10:08:49 GMT
server
AmazonS3
etag
"e720d3d75015eb1d8b115e57ea51f22b"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
c17ErQXgBbYrIca3yt6PBPysKmT5HDx64qmDuMlJK3lCsibUaIAkfA==
twitter-card.png
bugs.xdavidhu.me/assets/posts/2022-11-10-accidental-70k-google-pixel-lock-screen-bypass/
222 KB
222 KB
Image
General
Full URL
https://bugs.xdavidhu.me/assets/posts/2022-11-10-accidental-70k-google-pixel-lock-screen-bypass/twitter-card.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
f43a114b7e6b28c023618c866621c6919785bddd802aa9170d2b5f2df66da6e0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id
9351e2523d7c39a513ea3fb0262513ffef1f9ddf
date
Sun, 27 Nov 2022 21:39:54 GMT
via
1.1 varnish
expires
Sun, 27 Nov 2022 17:57:38 GMT
age
497
x-cache
HIT
x-proxy-cache
MISS
content-length
227142
x-served-by
cache-mad22024-MAD
last-modified
Thu, 10 Nov 2022 18:44:02 GMT
server
GitHub.com
x-github-request-id
629A:13E8D:12F6012:1392A0C:6383A2BA
x-timer
S1669585195.576952,VS0,VE2
etag
"636d4672-37746"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
portswigger.net
URL
https://portswigger.net/content/images/logos/favicon.ico

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
portswigger.net/ Name: AWSALBTGCORS
Value: R38RnI2d63uCjb5Mb1vOeFVp4JQdFxpk7WLehVL4/GfqP0x8dQ+tTJuXVh7q4wWH4rHXrlzq9L1eGTLRUGHWBJeg7H+0NLk+VmIvMV6Mn4jQt9TmZmeRGLCnGY+0kNI79L1SkGocqtcpOpzCz95rKuvdxsVskOfQldAYvMXJDZL4
portswigger.net/ Name: AWSALBAPP-0
Value: _remove_
portswigger.net/ Name: AWSALBAPP-1
Value: _remove_
portswigger.net/ Name: AWSALBAPP-2
Value: _remove_
portswigger.net/ Name: AWSALBAPP-3
Value: _remove_

3 Console Messages

Source Level URL
Text
network error URL: https://www.synacktiv.com/en/publications/sites/default/files/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://portswigger.net/content/images/logos/favicon.ico
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameSite
network error URL: https://ssd-disclosure.com/wp-content/uploads/2020/01/OnlytheD-icon.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0dayfans.com
blog.doyensec.com
bugs.chromium.org
bugs.xdavidhu.me
googleprojectzero.blogspot.com
i0.wp.com
images.squarespace-cdn.com
labs.detectify.com
portswigger.net
profile-photos.hackerone-user-content.com
research.nccgroup.com
ssd-disclosure.com
static1.squarespace.com
talosintelligence.com
windows-internals.com
www.mdsec.co.uk
www.praetorian.com
www.synacktiv.com
portswigger.net
104.196.191.243
146.148.61.165
151.101.128.238
151.101.64.238
163.172.4.236
172.67.71.28
173.236.166.1
192.0.77.2
192.0.78.199
2600:9000:2057:1c00:4:4c7d:87c0:93a1
2606:4700::6811:3b4c
2606:50c0:8003::153
2607:f1c0:100f:f000::2a4
2a00:1450:4001:803::2001
2a00:1450:4001:811::2013
34.210.62.107
35.208.175.26
06ffa99303d271bb3187ff293354c9cf034c36f22379fbbc340ce30ea834eed6
2ef2722e3b8c3a8f1f9f054c65c4a59260bf293c84fb69a2acff1a0b282ce904
38041addf6bbaa7665d467f7279f3b2c63de23b3b8a946f07cd015b830c71d75
47bcb7a4d0be49ce96455854bea56dd5210afdce191fe39ec34d336ba123c848
49c9b25776778ff43873cf5ebde2e1ffcd0747ad1042ac5a5306cdde3ffca8cd
4a39554cff17ec3237e6ab6b1f5c31a5ffc6f7e3e7575bf63072b362017b5068
4a479ba20ba3647d60c6ce046c80c9705946caf1133293f5f60a4f96a83c5803
506d0182002b5c2a4dd6c3306626b9134c73e10af4397e240a85c0f7d09cf167
563b4ae747fb654828723bae95da3166853853ddfa3e3c87c31c2bc395d5dcd6
593afcdb6871b6ca758f56e05fd591c0a8c899510b1d6b9f5322cedd3736ad09
67ee77f8efc0ddea41e621b7cc5814dafe61ba830ccf7316a63074060e814e4d
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
77760f63b467020b2e8c3cf855b21939850b7515c1060a75251de84f98b71ed4
9254db01e89612f04becdc148d1688da8c8ac3bd21ce6193b9d72e88ffd99352
933e00aca47ad3993c20b274cee9437ca33e74bba568114ded7413e905505195
95962718cdbe012aa14ede782b5821b8534f10df16982c71e367e71728d1e41d
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
ac6d95f5da44533789a4f4f01a3321ef26c9303c21b446d6ce83b0434b0eefbe
ad8d0b0bf23676acf0b9b112a101d7d58281f8d9c7de415c02069ade5d7cc322
b3a20c201413f111c80db3557b390c53647440cb08e77f11bb6dc7b4da46d232
b3e83faeaebc9034cd9a31b47bf067a364d543f12ae387e07e541361d2e0d30a
d26a90e6a0f0bca579c50d8a55423f6ccb64cfe9a1777342f1abc05371dc2a04
d5c273801890ac84e2bd94f6abb1d159b21a01f2277de29280c2fc5d50115d10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d893694a1014649b173c43e04387439566f6f477fa3040e0b103ff18283bba
ed3f64e42bd5105f8e2ca81152c9eaf53ce5cdb92405f8ce455d3b2901472725
f43a114b7e6b28c023618c866621c6919785bddd802aa9170d2b5f2df66da6e0
ffdfc37a81a587b41d74cefc90d4e6dbbf91a58c4f25354aeefffbfa706ea7d1