urlscan.io logo urlscan.io
SecurityTrails logo

gbhackers.com Open in urlscan Pro
172.233.149.136  Public Scan

Go To Rescan Add Verdict Report
URL: https://gbhackers.com/zerofont-phishing/
Submission: On October 08 via manual from SV — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 61 HTTP transactions. The main IP is 172.233.149.136, located in Los Angeles, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is gbhackers.com.
TLS certificate: Issued by R11 on September 2nd 2024. Valid for: 3 months.
This is the only time gbhackers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 172.233.149.136 63949 (AKAMAI-LI...)
1 1 192.0.77.2 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.162 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
13 172.217.18.3 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.181.238 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
61 10
31    172.233.149.136 (Los Angeles, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-233-149-136.ip.linodeusercontent.com
gbhackers.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i3.wp.com
2    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
13    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
fonts.gstatic.com
2    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
fundingchoicesmessages.google.com
1    2607:f8b0:402a:80d::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
31 gbhackers.com
gbhackers.com
383 KB
14 gstatic.com
fonts.gstatic.com
csi.gstatic.com
389 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
243 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
130 KB
3 wp.com
i3.wp.com — Cisco Umbrella Rank: 49370
stats.wp.com — Cisco Umbrella Rank: 3409
pixel.wp.com — Cisco Umbrella Rank: 3394
4 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
9 KB
2 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10512
173 KB
61 7
Domain Requested by
31 gbhackers.com gbhackers.com
13 fonts.gstatic.com fonts.googleapis.com
gbhackers.com
6 pagead2.googlesyndication.com gbhackers.com
pagead2.googlesyndication.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 fonts.googleapis.com gbhackers.com
2 blogger.googleusercontent.com gbhackers.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 pixel.wp.com gbhackers.com
1 stats.wp.com gbhackers.com
1 i3.wp.com 1 redirects
61 10
Subject Issuer Validity Valid
www.gbhackers.com
R11		 2024-09-02 -
2024-12-01		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gbhackers.com/zerofont-phishing/
Frame ID: 3F3BE633614EB37C458CB335D4F1106C
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ZeroFont Phishing-Hackers Manipulates Font Size to Bypass Office

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

98 %
HTTPS

40 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

1329 kB
Transfer

3844 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://i3.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5PB3O8xYbSa1oHdjV-dXqMqTKSavMya4icmZn19rNdAxRZQBhVXCD6zKgt6TJl-lNgk_Sk-8RmSo7AZTIHVKjMKv_fi8eXyZT5f1eiMwe5N514nqfSyaQ8Zh45qLOAhLXJ0rgOlMrgHkGKE6rzmYs6NSgNBwAurk7JtzMuGhT1nvZweRtFX_MSziXU4mv/s1600/ZeroFont%20Phishing-1.webp?w=696&resize=696,0&ssl=1 HTTP 302
  • https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5PB3O8xYbSa1oHdjV-dXqMqTKSavMya4icmZn19rNdAxRZQBhVXCD6zKgt6TJl-lNgk_Sk-8RmSo7AZTIHVKjMKv_fi8eXyZT5f1eiMwe5N514nqfSyaQ8Zh45qLOAhLXJ0rgOlMrgHkGKE6rzmYs6NSgNBwAurk7JtzMuGhT1nvZweRtFX_MSziXU4mv/s1600/ZeroFont%20Phishing-1.webp

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gbhackers.com/zerofont-phishing/ 		256 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
b93223852889ea4d29e26e0a010a67dc285d3bfadd86f91d3bb8fe2b1a7c2b2d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, max-age=0
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Tue, 08 Oct 2024 21:48:20 GMT
expires
Tue, 08 Oct 2024 21:28:23 GMT
link
<https://gbhackers.com/wp-json/>; rel="https://api.w.org/" <https://gbhackers.com/wp-json/wp/v2/posts/76527>; rel="alternate"; title="JSON"; type="application/json" <https://gbhackers.com/?p=76527>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding,User-Agent,Accept-Encoding
x-dns-prefetch-control
on
x-litespeed-cache
hit
x-pingback
https://gbhackers.com/xmlrpc.php
ZeroFont%20Phishing-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5PB3O8xYbSa1oHdjV-dXqMqTKSavMya4icmZn19rNdAxRZQBhVXCD6zKgt6TJl-lNgk_Sk-8RmSo7AZTIHVKjMKv_fi8eXyZT5f1eiMwe5N514nqfSyaQ8Zh45qLOAhLXJ0rgOlMrgHkGKE6r...
Redirect Chain
  • https://i3.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5PB3O8xYbSa1oHdjV-dXqMqTKSavMya4icmZn19rNdAxRZQBhVXCD6zKgt6TJl-lNgk_Sk-8RmSo7AZTIHVKjMKv_fi8eXyZT5f1eiMwe5N514nqfSyaQ8Zh45qLOAh...
  • https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5PB3O8xYbSa1oHdjV-dXqMqTKSavMya4icmZn19rNdAxRZQBhVXCD6zKgt6TJl-lNgk_Sk-8RmSo7AZTIHVKjMKv_fi8eXyZT5f1eiMwe5N514nqfSyaQ8Zh45qLOAhLXJ0rgOlMr...
100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5PB3O8xYbSa1oHdjV-dXqMqTKSavMya4icmZn19rNdAxRZQBhVXCD6zKgt6TJl-lNgk_Sk-8RmSo7AZTIHVKjMKv_fi8eXyZT5f1eiMwe5N514nqfSyaQ8Zh45qLOAhLXJ0rgOlMrgHkGKE6rzmYs6NSgNBwAurk7JtzMuGhT1nvZweRtFX_MSziXU4mv/s1600/ZeroFont%20Phishing-1.webp
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
929ccae489edd14054ea572e2a6c5b8015e38fe7fc18f54c0acc58ec59915b4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v5f8"
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 21:48:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102371
date
Tue, 08 Oct 2024 21:48:21 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="ZeroFont Phishing-1.jpg"

Redirect headers

alt-svc
h3=":443"; ma=86400
location
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5PB3O8xYbSa1oHdjV-dXqMqTKSavMya4icmZn19rNdAxRZQBhVXCD6zKgt6TJl-lNgk_Sk-8RmSo7AZTIHVKjMKv_fi8eXyZT5f1eiMwe5N514nqfSyaQ8Zh45qLOAhLXJ0rgOlMrgHkGKE6rzmYs6NSgNBwAurk7JtzMuGhT1nvZweRtFX_MSziXU4mv/s1600/ZeroFont Phishing-1.webp
content-length
138
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/html
server
nginx
b07551821deafed18860688967539e97.css
gbhackers.com/wp-content/litespeed/css/ 		110 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/css/b07551821deafed18860688967539e97.css?ver=d615d
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
c87d5b8432db51d821cbfe3dc9caa4e3626a9ffc84cb0a2f495b9bdb67094530
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31536000,public
content-encoding
br
expires
Wed, 08 Oct 2025 21:48:20 GMT
accept-ranges
bytes
content-length
13855
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
7a094d7f8e2c386f14fee69e7794002b.css
gbhackers.com/wp-content/litespeed/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/css/7a094d7f8e2c386f14fee69e7794002b.css?ver=6a393
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31536000,public
content-encoding
br
expires
Wed, 08 Oct 2025 21:48:20 GMT
accept-ranges
bytes
content-length
2404
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
3bf9892e971db026ebc7f0a5a5050d05.css
gbhackers.com/wp-content/litespeed/css/ 		4 KB
1016 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/css/3bf9892e971db026ebc7f0a5a5050d05.css?ver=a6570
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31536000,public
content-encoding
br
expires
Wed, 08 Oct 2025 21:48:20 GMT
accept-ranges
bytes
content-length
982
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
c31f820e1c0ed5aeebb8bb3728e10ace.css
gbhackers.com/wp-content/litespeed/css/ 		36 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/css/c31f820e1c0ed5aeebb8bb3728e10ace.css?ver=b3280
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
2b21b7c7ec3443ebab917b103edd597007d931907af2d40c4a82a99cfd590917
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31536000,public
content-encoding
br
expires
Wed, 08 Oct 2025 21:48:20 GMT
accept-ranges
bytes
content-length
4482
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
css
fonts.googleapis.com/ 		38 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
03eb35d2c61e33914021a31744442ff745d86e5d9ae88e0a549d505b545ca92a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 21:48:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 08 Oct 2024 21:48:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
691c3ba3ac01630b037f67e0e776d9d5.css
gbhackers.com/wp-content/litespeed/css/ 		41 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/css/691c3ba3ac01630b037f67e0e776d9d5.css?ver=9f940
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
15c07f47a6f51ed692f07d65591c90bb3680819004127e75eebd70875450c2ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31536000,public
content-encoding
br
expires
Wed, 08 Oct 2025 21:48:20 GMT
accept-ranges
bytes
content-length
6771
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
c6a1c558f9599505e674dc121522b8d2.css
gbhackers.com/wp-content/litespeed/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/css/c6a1c558f9599505e674dc121522b8d2.css?ver=acbad
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
2e1030c78c1588b14fdb72127a80608c6294b42576cdc02f2c64d7442bcc1217
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31536000,public
content-encoding
br
expires
Wed, 08 Oct 2025 21:48:20 GMT
accept-ranges
bytes
content-length
6349
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
3634cf0217589f9ac478a28ad0aa8ec4.css
gbhackers.com/wp-content/litespeed/css/ 		112 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=bb57b
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
2f28c5710691981e0160a6bc8a244129aa23f9b3a991b68c8a84abe065dd685f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31536000,public
content-encoding
br
expires
Wed, 08 Oct 2025 21:48:20 GMT
accept-ranges
bytes
content-length
19428
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
568c797d9a70722a4d648f956f12702e.css
gbhackers.com/wp-content/litespeed/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/css/568c797d9a70722a4d648f956f12702e.css?ver=4e459
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
a61c9de0f6bc257a78ae119aa597966463d282de64aa3e12b52c8f825b1a49ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31536000,public
content-encoding
br
expires
Wed, 08 Oct 2025 21:48:20 GMT
accept-ranges
bytes
content-length
21219
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
2e97590493d4e9d98dbf42dad3a70813.css
gbhackers.com/wp-content/litespeed/css/ 		518 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/css/2e97590493d4e9d98dbf42dad3a70813.css?ver=7cea0
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
db7dca634a48eb7d3800096b7572b93bdf59ed2b20c03fd7f2fe54af3aa00b58
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31536000,public
content-encoding
br
expires
Wed, 08 Oct 2025 21:48:20 GMT
accept-ranges
bytes
content-length
46183
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
d70781104619c8043391f015873e7343.css
gbhackers.com/wp-content/litespeed/css/ 		41 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/css/d70781104619c8043391f015873e7343.css?ver=c0eca
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
75c578ded4b90dda40b2f2f2b6bf353913eba7ba8dd39b5f85911fb1a9a0cd7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31536000,public
content-encoding
br
expires
Wed, 08 Oct 2025 21:48:20 GMT
accept-ranges
bytes
content-length
6511
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
jquery.min.js
gbhackers.com/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
29744
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 29 Aug 2023 03:44:24 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
44a8438280a25fc2bef30c67fe80af6b.js
gbhackers.com/wp-content/litespeed/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/44a8438280a25fc2bef30c67fe80af6b.js?ver=2e1f4
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
bcd8482491d261c223749a5b352d5f29eea4560d9dd7bfa030dc270327c37eee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
4678
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5372786174760228&host=ca-host-pub-2644536267352236
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
d6fb22f69d5f1cefc560e23bbf3c950325993c104f573bb9a61f13153b19cf98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://gbhackers.com/

Response headers

content-encoding
br
etag
5771080820877736784
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 21:48:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
54086
x-xss-protection
0
server
cafe
88abcef607d2b87dee895ff8396d0658.js
gbhackers.com/wp-content/litespeed/js/ 		156 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/88abcef607d2b87dee895ff8396d0658.js?ver=ead09
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
0df69d80c44e57c96aedb642a255f3736d9cc4452c65fdc2c32b1aa8ebe80a6b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
37224
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
b1a5d33cce53f54215980fc4881a15e1.js
gbhackers.com/wp-content/litespeed/js/ 		2 KB
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/b1a5d33cce53f54215980fc4881a15e1.js?ver=dce7b
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
c0cfe8485ae2c57d73ef414f5adea8de39e053f0973470e27d0f195ca00a01b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
564
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
d789a240323eb11e8d891d09652cacb4.js
gbhackers.com/wp-content/litespeed/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/d789a240323eb11e8d891d09652cacb4.js?ver=c6efb
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
266bdd903d41099a4128590129e71f4199670d18cfaafc71010837b9743adce1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
833
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
1784195217b92a4a0d688471923e1bfa.js
gbhackers.com/wp-content/litespeed/js/ 		9 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/1784195217b92a4a0d688471923e1bfa.js?ver=8be21
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
efb4dff53839a3d167e17bfb20955e799f4791e12d2c2a2a0344fa6cfd722969
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
1213
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
20fe1466ec961d6814f53fba3f79a3e2.js
gbhackers.com/wp-content/litespeed/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/20fe1466ec961d6814f53fba3f79a3e2.js?ver=e79b8
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
58a34a98a2d0b2823ca5b8d3602c02efa1ba0364d3bdb4549499cfb4f594a2f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
1229
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
686ee657c2c36e1c7c77a1805f3b498d.js
gbhackers.com/wp-content/litespeed/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/686ee657c2c36e1c7c77a1805f3b498d.js?ver=b57fe
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
6eabe6fc9af525bfe45c37f58a1265a4675c0213817a9249bc2d253049b9c649
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
7181
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
840feff4e5b2adbe27dca9baa3cb971a.js
gbhackers.com/wp-content/litespeed/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/840feff4e5b2adbe27dca9baa3cb971a.js?ver=2bb96
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
fbf2f8b0bcafcdfc47f42dfeacb7e877b927a78cc77f62d0ed9bdee2a2206bbf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
3334
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
e-202441.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202441.js
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT ams
etag
W/14421-1717166113627.1218
x-minify
t
x-minify-cache
hit
access-control-allow-methods
GET, HEAD
expires
Sun, 05 Oct 2025 05:30:37 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
948ee26f370f8f0ca7d5290060ea7d42.js
gbhackers.com/wp-content/litespeed/js/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/948ee26f370f8f0ca7d5290060ea7d42.js?ver=701f2
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
e185204fa23df0a129c6a5ac7e95b3254ee81a1def15b4d87aa489219fc183d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
5825
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
f3d9b166560ed7f3fa85206f6886547e.js
gbhackers.com/wp-content/litespeed/js/ 		1 KB
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/f3d9b166560ed7f3fa85206f6886547e.js?ver=b39e5
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
cbf348e09ccb8df23ba4223cfd092f016b9d2fa4ff7a9e992fa5e063386d9691
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
528
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
33b01e728630fe3118f6cc64566cb16c.js
gbhackers.com/wp-content/litespeed/js/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/33b01e728630fe3118f6cc64566cb16c.js?ver=fa99a
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
d9ab311361c61b2e075141b7233aa73fdd6c8e7db46bf5dd3b1b722a81bc3375
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
1330
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
aaedd9e0d412d576285907b552682398.js
gbhackers.com/wp-content/litespeed/js/ 		3 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/aaedd9e0d412d576285907b552682398.js?ver=849db
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
aa0b2f74620ebffe8753db7c2b2fbad1f1621b3941d48ff3fc486f894ed4445d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
922
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
41001ba4f211ee15a6de905452c3a0eb.js
gbhackers.com/wp-content/litespeed/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/41001ba4f211ee15a6de905452c3a0eb.js?ver=06519
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
3937aadc3da0b60a044d7575203313e11cf5822e3c800da09e2e15d00acf60df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
2901
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
9b803e65a8022c079ab7a394c2aee836.js
gbhackers.com/wp-content/litespeed/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/9b803e65a8022c079ab7a394c2aee836.js?ver=c1dc2
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
a0893023bcc1c627f43f92e6393d5f788b8cc5fd26bfa6c615b5b3fff62fd273
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
1691
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
5814fcddf60283f687967243da775c5a.js
gbhackers.com/wp-content/litespeed/js/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/litespeed/js/5814fcddf60283f687967243da775c5a.js?ver=4fa48
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
28823be416bfac3982cc25b99d05ba703c0a060bd49ecc8405d53b73889bc1fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600,public
content-encoding
br
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
content-length
1955
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 08 Oct 2024 21:48:14 GMT
vary
Accept-Encoding,User-Agent,Accept-Encoding
server
LiteSpeed
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v19/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
84844
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 22:14:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 22:14:16 GMT
last-modified
Thu, 24 Aug 2023 21:14:00 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
29072
x-xss-protection
0
server
sffe
newspaper.woff
gbhackers.com/wp-content/themes/Newspaper/images/icons/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?23
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=bb57b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=bb57b

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
33904
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
font/woff
last-modified
Fri, 30 Aug 2024 06:16:30 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2
fonts.gstatic.com/s/archivoblack/v21/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/archivoblack/v21/HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
14135
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 17:52:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 17:52:45 GMT
last-modified
Thu, 24 Aug 2023 21:16:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18604
x-xss-protection
0
server
sffe
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
91083
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 20:30:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 20:30:17 GMT
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33092
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
47325
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:39:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:39:35 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
49745
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 07:59:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 07:59:15 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
55593
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 06:21:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 06:21:47 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
79878
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 23:37:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 23:37:02 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
53360
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 06:59:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 06:59:00 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/c6a1c558f9599505e674dc121522b8d2.css?ver=acbad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://gbhackers.com/wp-content/litespeed/css/c6a1c558f9599505e674dc121522b8d2.css?ver=acbad

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=31557600
expires
Thu, 09 Oct 2025 03:48:20 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
date
Tue, 08 Oct 2024 21:48:20 GMT
content-type
font/woff2
last-modified
Fri, 30 Aug 2024 06:17:12 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
48877
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:13:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:13:43 GMT
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20028
x-xss-protection
0
server
sffe
O4ZRFGj5hxF0EhjimlIksgg.woff2
fonts.gstatic.com/s/epilogue/v17/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/epilogue/v17/O4ZRFGj5hxF0EhjimlIksgg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRed+Hat+Display%3A400%2C700%2C500%7CArchivo+Black%3A800%2C900%2C400%7CEpilogue%3A700%2C500%2C400%2C900%7CMerriweather%3A500%2C400%7CMontserrat%3A700%2C500%2C400%7CPoppins%3A700%2C400&display=swap&ver=12.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
b04ad9bd13dad8818015a0225db1c058bb93ebc88c53fb7785ef4d7d7e0505b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
48424
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:21:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:21:16 GMT
last-modified
Mon, 20 Mar 2023 20:28:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33172
x-xss-protection
0
server
sffe
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5372786174760228&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e6ceda656eb18354764f5c3d34e18cdd03af426ccbe766e6f76b7497ae25dc49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

content-encoding
br
etag
3064556673665679995
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 21:48:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 08 Oct 2024 21:48:21 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
31872
x-xss-protection
0
server
cafe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/ 		409 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5372786174760228&plah=gbhackers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5372786174760228&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ac3b655ac2b9355f6e9b45f9ba9a7dd1c8170762a8c2dee4b0973ed046f34377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

content-encoding
br
etag
7294221960389551392
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 21:48:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 08 Oct 2024 21:48:21 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
139544
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1458196621474765&num=0&dvc=0&eid=44759875%2C44759926%2C44759842%2C95331687%2C95333409%2C95341937%2C95343454%2C31061691
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 08 Oct 2024 21:48:21 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=236592110&post=76527&tz=0&srv=gbhackers.com&j=1%3A13.7&host=gbhackers.com&ref=&fcp=1321&rand=0.7309984636547464
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

cache-control
no-cache
access-control-allow-origin
*
content-length
50
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 21:48:21 GMT
content-type
image/gif
server
nginx
ca-pub-5372786174760228
fundingchoicesmessages.google.com/i/ 		200 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5372786174760228?href=https%3A%2F%2Fgbhackers.com%2Fzerofont-phishing&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5372786174760228&plah=gbhackers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22b4d43fb1718837ae933de7a5ade56fdd76cf404f32c55f06dc035bd188ebcf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bhBn9dFSdkbhhKgwkerCvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 21:48:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XAsvThtB5tAx8z75xiVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDMz1DAzjCwwARdxKaw"
content-security-policy
script-src 'report-sample' 'nonce-bhBn9dFSdkbhhKgwkerCvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
rum_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20241007/r20190131/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241007/r20190131/rum_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5372786174760228&plah=gbhackers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ed8e01eff86f6c07b4174cf04983d233a769e9a47a6596056dddd9c8b565c641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

content-encoding
br
etag
14277479153470551099
age
1123
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 21:29:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 08 Oct 2024 21:29:38 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
22659
x-xss-protection
0
server
cafe
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5372786174760228&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gbhackers.com/

Response headers
AGSKWxWwepKJEQxKnqABoID8YVlhcFrdFTQvXoD24JhYjAb9P5PgL1dbsX0aIFRi7Ba9hT7ww5mdJy0qvflh6WVy1rsQ153ZuuuMmNw_JJp57oGSW5tDtC3gYCzQ1w64E1SGfi6ICbPMbA==
fundingchoicesmessages.google.com/f/ 		427 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWwepKJEQxKnqABoID8YVlhcFrdFTQvXoD24JhYjAb9P5PgL1dbsX0aIFRi7Ba9hT7ww5mdJy0qvflh6WVy1rsQ153ZuuuMmNw_JJp57oGSW5tDtC3gYCzQ1w64E1SGfi6ICbPMbA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4NDI0MTAxLDU1OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nYmhhY2tlcnMuY29tL3plcm9mb250LXBoaXNoaW5nLyIsbnVsbCxbWzgsIlBXcWhvaFFHRXBnIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4MjI1NF0sbnVsbCw3XSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.PWqhohQGEpg.es5.O/am=YDA/d=1/rs=AJlcJMyJUrx9Waw-78Qx3w-p0DHWZKZhsw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bfe74e41ddacad515d610f053330118898990967234b2c56711ded51c2d8f939
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OCr489nHUCBmVkEmEkIJeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 21:48:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XAsvThtB5vAhh27NjEpaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGJjrGRjGFxgAAEmkSnU"
content-security-policy
script-src 'report-sample' 'nonce-OCr489nHUCBmVkEmEkIJeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		111 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.PWqhohQGEpg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy2amyzmrTjPeB3T_DHWv8ei_NGvg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e76305d106f1ca56316b5c5d4ac4212034c6ca81530643f61a148fa0eee724d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 21:48:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 21:48:21 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 08 Oct 2024 21:48:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://gbhackers.com/

Response headers

age
50039
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 07:54:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 07:54:22 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: gbhackers.com
URL: https://gbhackers.com/zerofont-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://gbhackers.com/

Response headers

age
54300
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 06:43:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 06:43:21 GMT
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
128352
x-xss-protection
0
server
sffe
AGSKWxUFxf9Wlj5_cs6BoCZHf8yXcGu21xG38jL-22uQOFHmpKbztsyw7KjBA4JHg7PRzYB0Io6AK0GDjV1dA-Z2Z89FDrakHzirNkEkba17HNw1KkP9mQMn7onWXqofvfFv9mVftOHM9Q==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUFxf9Wlj5_cs6BoCZHf8yXcGu21xG38jL-22uQOFHmpKbztsyw7KjBA4JHg7PRzYB0Io6AK0GDjV1dA-Z2Z89FDrakHzirNkEkba17HNw1KkP9mQMn7onWXqofvfFv9mVftOHM9Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.PWqhohQGEpg.es5.O/am=YDA/d=1/rs=AJlcJMyJUrx9Waw-78Qx3w-p0DHWZKZhsw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ho4KuVmsY1gruVIMY39lCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://gbhackers.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 21:48:21 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1pBicEqfwRoAxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY-nFaTvYBD4s3zKPWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmOsZmMcXGAAA4GoveQ"
content-security-policy
script-src 'report-sample' 'nonce-Ho4KuVmsY1gruVIMY39lCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://gbhackers.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUFxf9Wlj5_cs6BoCZHf8yXcGu21xG38jL-22uQOFHmpKbztsyw7KjBA4JHg7PRzYB0Io6AK0GDjV1dA-Z2Z89FDrakHzirNkEkba17HNw1KkP9mQMn7onWXqofvfFv9mVftOHM9Q==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUFxf9Wlj5_cs6BoCZHf8yXcGu21xG38jL-22uQOFHmpKbztsyw7KjBA4JHg7PRzYB0Io6AK0GDjV1dA-Z2Z89FDrakHzirNkEkba17HNw1KkP9mQMn7onWXqofvfFv9mVftOHM9Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.PWqhohQGEpg.es5.O/am=YDA/d=1/rs=AJlcJMyJUrx9Waw-78Qx3w-p0DHWZKZhsw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PtQ9T9O9raBq5FrwtZOwvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://gbhackers.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 21:48:21 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1JBicEqfwRoAxO5aF1n9gfjrnkusf4F478dLrEeBWIiHY-nFaTvYBC48mjaPWcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoYmOsZmMcXGAAA2tovbA"
content-security-policy
script-src 'report-sample' 'nonce-PtQ9T9O9raBq5FrwtZOwvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://gbhackers.com
content-length
0
x-xss-protection
0
server
ESF
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gbhackers.com
Referer
https://fonts.googleapis.com/

Response headers

age
84960
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 22:12:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 22:12:21 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
300x600-pic.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr4nW4cAG8I3JZ1SAaZmhk9_kr0FApg132AGAwYeMh4VlbC9AHgeA68klvcbxgadifinQbYhPvX9nlDigLyfNglIdkMoCvcHxO2lcjRbH3gSRRuuUHVEww2HZS_lmHJTrbpw7nB-Q-bVWNfR2v... 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr4nW4cAG8I3JZ1SAaZmhk9_kr0FApg132AGAwYeMh4VlbC9AHgeA68klvcbxgadifinQbYhPvX9nlDigLyfNglIdkMoCvcHxO2lcjRbH3gSRRuuUHVEww2HZS_lmHJTrbpw7nB-Q-bVWNfR2vpQxeYBpLT2E59TmuWaSNbTTruvYI75XXFghP_mauIADK/s16000/300x600-pic.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
83d76a859e8582ab22d07095046faaa7c959ef3e586f78526016ef219004ca56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v7e1a"
x-content-type-options
nosniff
expires
Wed, 09 Oct 2024 21:48:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74549
date
Tue, 08 Oct 2024 21:48:22 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="300x600-pic.png"
gbh.png
gbhackers.com/wp-content/uploads/2024/09/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/uploads/2024/09/gbh.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
b6d1ccdad7fcbc4334065e917d4ea50742893df646bb2b93b3417dd4d0baf59e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=2592000,public
expires
Thu, 07 Nov 2024 21:48:21 GMT
accept-ranges
bytes
content-length
2130
date
Tue, 08 Oct 2024 21:48:21 GMT
content-type
image/png
last-modified
Mon, 02 Sep 2024 10:55:48 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
cropped-gbh-32x32.png
gbhackers.com/wp-content/uploads/2024/09/ 		794 B
886 B 		Other
General
Check archive.org
Download Go to
Full URL
https://gbhackers.com/wp-content/uploads/2024/09/cropped-gbh-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.233.149.136 Los Angeles, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-233-149-136.ip.linodeusercontent.com
Software
LiteSpeed /
Resource Hash
1aba33996d8114efef36d7f8a1c885e48d0294fb2d8af33a74f17199f154a63f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/zerofont-phishing/

Response headers

content-security-policy
upgrade-insecure-requests;
cache-control
public, max-age=2592000,public
expires
Thu, 07 Nov 2024 21:48:22 GMT
accept-ranges
bytes
content-length
794
date
Tue, 08 Oct 2024 21:48:22 GMT
content-type
image/png
last-modified
Mon, 02 Sep 2024 11:44:54 GMT
server
LiteSpeed
vary
User-Agent,Accept-Encoding
csi
csi.gstatic.com/ 		0
532 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m20z300w&c=888787503086905&e=44759875%2C44759926%2C44759842%2C95331687%2C95333409%2C95341937%2C95343454%2C31061691%2C31061693&ctx=1&met.3=1000.14k_b__1~782.14j_d~1001.14i_e__1~164.14w~165.14h_f~247.14x~248.14x~164.14x~165.14w_1~166.145_s~723.19a_1~1032.1b1~326.1c0_1~832.1c2~868.1c1~216.1b0_11~215.1b0_11~843.1az_13~1032.1c7~326.1c7~832.1c7~868.1c7~216.1c7_1~215.1c7_1~112.1d8_1~113.1rz_1&met.7=CBsQCMAB-P-m8Ao~CBsQByDYBTj2B8AB1a6-mwY~CBsQByDZBTjWAcABkLau_wE~CBsQByDZBTjAAcABrZ2w-A8~CBsQByDZBTjAAcABm-7ZnQg~CBsQByDZBTjVAcABzIWUzAI~CBIQBxgBINkFKNkFMOwGOJMBQNoFSOAFUOAFWLUGYIYGaLYGcOkGeJcWgAHrE4gBrLECqgG8AQoVT3BlbitTYW5zOjQwMCw2MDAsNzAwChJSb2JvdG86NDAwLDYwMCw3MDAKG1JlZCtIYXQrRGlzcGxheTo0MDAsNzAwLDUwMAoZQXJjaGl2bytCbGFjazo4MDAsOTAwLDQwMAoYRXBpbG9ndWU6NzAwLDUwMCw0MDAsOTAwChRNZXJyaXdlYXRoZXI6NTAwLDQwMAoWTW9udHNlcnJhdDo3MDAsNTAwLDQwMAoPUG9wcGluczo3MDAsNDAwsAEBuAEDwAHWx7vICg~CBsQByDZBTjVAcABodq2ogw~CBsQByDZBTjWAcAB3uyg0QQ~CBsQByDZBTj6AsAB48KSswg~CBsQByDZBTiBA8AB5OGjtQo~CBsQByDZBTj9AsABsPzxzgw~CBsQByDZBTiEA8AB_IXTuwQ~CBsQCiDZBTiFBMABgYif4A4~CBsQCiDaBTiIBMAB7r3p8wU~CAEQChgBINoFKNoFMJ8LOMUFQOwJSO0JUO0JWLgKYO0JaLgKcPIKePKoA4ABxqYDiAGHogqwAQG4AQPAAd6Ov5sB~CBsQCiCBBziCA8ABgr7HtQ8~CBsQCiCCBzjcAsAB7JC34Ac~CBsQCiCCBziRBMABnb_7kAI~CBsQCiCCBzidBMAB3OSHvgU~CBsQCiCCBzjdA8AB19GnnAw~CBsQCiCCBziuBMABz5Gv-Qs~CBsQCiCCBzixBMAB79ugwgg~CBsQCiCCBzi6BMAB9P_HnA8~CBsQCiCCBzi7BMABlre0wQ4~CBsQCiCCBzinBMABkvLtZQ~CBsQCiCCBzipBMABjLS4rgg~CBsQCiCCBzirBMAB-rSHxAo~CBsQCiCCBzivBMAB5fXjeA~CBsQCiCCBzivBMAB8dHl6gY~CBsQCiCCBziuBMAB2PDCiws~CBsQAiD9CTj5AsABhdrLtgI~CBwQChgBILELKLELMNsMOKsBULMLWP4LYLMLaP4LcLQMeKz7AYABgPkBiAHxygWwAQG4AQPAAYutsPYE~CAMQChgBILELKLELMJUNOOMBaP4LcMUMeMTECIABmMIIiAGXyBmwAQG4AQPAAfeQ97gI~CBwQBhgBIMILKMILMN0MOJwBaP4LcNsMeKwCsAEBuAEDwAGUhOK1Dg~CBsQBiCIDDgowAHx0LWSDA~CBwQChgBIMENKMENMOsNOCpowQ1w5w14r7MBgAGDsQGIAZzPA7ABAbgBA8AB-JOwwgI~CBsQAiD-CTiCBMAB-ZiMuQs~CBwQBBgBIMgNKMgNMI8OOEfAAfWUnY4L~CD8QChgBIMANKMANMKYPOOcBQMANSMgNUMgNWJwOYO4NaJwOcN8OeNSGBIABqIQEiAGFwQywAQG4AQPAAYbqg4AP~CD8QChgBIMQPKMQPMMwQOIgBaMUPcLAQePP3A4ABx_UDiAG82xqwAQG4AQPAAYyb1PYF~CBIQBxgBIOMQKOMQMJ4RODpo5BBwmhF49y6AAcssiAHz9QaqAYcECg9BcmNoaXZvOjQwMCw1MDAKDUFyaW1vOjQwMCw1MDAKDkJpdHRlcjo0MDAsNTAwChNFQitHYXJhbW9uZDo0MDAsNTAwCgRMYXRvChBMaWJyZStCYXNrZXJ2aWxsChZMaWJyZStGcmFua2xpbjo0MDAsNTAwCgxMb3JhOjQwMCw1MDAKIkdvb2dsZStTYW5zOnJlZ3VsYXIsbWVkaXVtOjQwMCw1MDAKDk1hdGVyaWFsK0ljb25zCg5Hb29nbGUrU3ltYm9scwoMTWVycml3ZWF0aGVyChJNb250c2VycmF0OjQwMCw1MDAKDU11a3RhOjQwMCw1MDAKDE11bGk6NDAwLDUwMAoOTnVuaXRvOjQwMCw1MDAKFU9wZW4rU2Fuczo0MDAsNTAwLDYwMAobT3BlbitTYW5zK0NvbmRlbnNlZDo0MDAsNjAwCgpPc3dhbGQ6NTAwChhQbGF5ZmFpcitEaXNwbGF5OjQwMCw1MDAKD1BvcHBpbnM6NDAwLDUwMAoPUmFsZXdheTo0MDAsNTAwCg5Sb2JvdG86NDAwLDUwMAoYUm9ib3RvK0NvbmRlbnNlZDo0MDAsNTAwChNSb2JvdG8rU2xhYjo0MDAsNTAwCgpTbGFibysyN3B4Cg9Tb3VyY2UrU2FucytQcm8KDlVidW50dTo0MDAsNTAwCgdWb2xraG92sAEBuAEDwAHWx7vICg~CBMQAhgBIPgQKPgQMKoRODJogRFwpxF4nHqAAfB3iAHwd6oBDAoGcm9ib3RvEBIYArABAbgBA8ABuL_25wo~CBMQAhgBIIgRKIgRMMcROD9ojhFwtBF4jO0HgAHg6geIAeDqB6oBFAoNbWF0ZXJpYWxpY29ucxCOARgCsAEBuAEDwAGaobzNCg~CBsQCDj6EcAB-P-m8Ao~CD8QDRgBII0RKI0RMI4SOIABwAGUpOHUBg~CD8QDRgBII4RKI4RMI4SOIABwAGUpOHUBg~CBsgghI4tQHAAYD4_YoG~CBsQBhgBIIASKIASMJYUOJYCwAHMkpazDg~CBsguBM4tAHAAa2N9e8B&met.1=1.m20z2ynn~6.0~7.1~8.e~9.e~10.a7~11.59~12.a7~13.k2~14.oy~15.k6~16.16y~17.16y~18.16z~19.1rc~20.1rc~21.1rv~22.10p~23.10p
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20241007/r20190131/rum_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:402a:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gbhackers.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 21:48:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| jQuery object| tdb_global_vars object| tdb_p_autoload_vars object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tds_show_more_info string| tds_show_less_info string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_theme_color_site_wide string| tdThemeName string| tdThemeNameWl string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdMobileMenu string| tdMobileSearch object| tdDateNamesI18n string| td_reset_pass_empty string| td_reset_pass_confirm_empty string| td_reset_pass_not_matching string| tdb_modal_confirm string| tdb_modal_cancel string| tdb_modal_confirm_alt string| tdb_modal_cancel_alt string| td_deploy_mode object| block_tdi_68 object| block_tdi_84 object| block_tdi_100 object| tdDetect object| tdViewport object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life function| td_delete_site_cookie function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdBlocks object| td_history object| tdHeader object| tdCustomEvents object| tdEvents object| tdPullDown object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdConfirm function| onYouTubeIframeAPIReady object| tdSocialSharing object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state object| google_image_requests number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map function| tdModalImage string| google_user_agent_client_hint function| _ object| addComment object| tds_js_globals object| tdsLeads object| tdsStore object| tdsMain function| st_go function| linktracker_init object| wpcom object| _stq object| tdcPostSettings function| tdbGetMobileTemplates object| tdToTop object| tdAjaxSearch object| tdStickyRow object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdSmartSidebar object| td_res_context_registered_atts function| LazyLoad function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googPageScrollPreventerInfo object| google_rum_config object| _google_rum_ns_ object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjBlNzlkYzE0MzJkOGU1Y2xvYWRlcl9qcw== string| ZjBlNzlkYzE0MzJkOGU1Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gbhackers.com
i3.wp.com
pagead2.googlesyndication.com
pixel.wp.com
stats.wp.com
142.250.181.238
142.250.185.162
172.217.18.3
172.233.149.136
192.0.76.3
192.0.77.2
2607:f8b0:402a:80d::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:81d::200e
2a00:1450:4001:831::200a
03eb35d2c61e33914021a31744442ff745d86e5d9ae88e0a549d505b545ca92a
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
0df69d80c44e57c96aedb642a255f3736d9cc4452c65fdc2c32b1aa8ebe80a6b
15c07f47a6f51ed692f07d65591c90bb3680819004127e75eebd70875450c2ea
1aba33996d8114efef36d7f8a1c885e48d0294fb2d8af33a74f17199f154a63f
22b4d43fb1718837ae933de7a5ade56fdd76cf404f32c55f06dc035bd188ebcf
25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30
266bdd903d41099a4128590129e71f4199670d18cfaafc71010837b9743adce1
28823be416bfac3982cc25b99d05ba703c0a060bd49ecc8405d53b73889bc1fe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b21b7c7ec3443ebab917b103edd597007d931907af2d40c4a82a99cfd590917
2e1030c78c1588b14fdb72127a80608c6294b42576cdc02f2c64d7442bcc1217
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f28c5710691981e0160a6bc8a244129aa23f9b3a991b68c8a84abe065dd685f
3937aadc3da0b60a044d7575203313e11cf5822e3c800da09e2e15d00acf60df
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
58a34a98a2d0b2823ca5b8d3602c02efa1ba0364d3bdb4549499cfb4f594a2f7
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
6eabe6fc9af525bfe45c37f58a1265a4675c0213817a9249bc2d253049b9c649
75c578ded4b90dda40b2f2f2b6bf353913eba7ba8dd39b5f85911fb1a9a0cd7b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83d76a859e8582ab22d07095046faaa7c959ef3e586f78526016ef219004ca56
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
929ccae489edd14054ea572e2a6c5b8015e38fe7fc18f54c0acc58ec59915b4e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e
a0893023bcc1c627f43f92e6393d5f788b8cc5fd26bfa6c615b5b3fff62fd273
a61c9de0f6bc257a78ae119aa597966463d282de64aa3e12b52c8f825b1a49ee
aa0b2f74620ebffe8753db7c2b2fbad1f1621b3941d48ff3fc486f894ed4445d
ac3b655ac2b9355f6e9b45f9ba9a7dd1c8170762a8c2dee4b0973ed046f34377
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b04ad9bd13dad8818015a0225db1c058bb93ebc88c53fb7785ef4d7d7e0505b7
b6d1ccdad7fcbc4334065e917d4ea50742893df646bb2b93b3417dd4d0baf59e
b93223852889ea4d29e26e0a010a67dc285d3bfadd86f91d3bb8fe2b1a7c2b2d
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bcd8482491d261c223749a5b352d5f29eea4560d9dd7bfa030dc270327c37eee
bfe74e41ddacad515d610f053330118898990967234b2c56711ded51c2d8f939
c0cfe8485ae2c57d73ef414f5adea8de39e053f0973470e27d0f195ca00a01b1
c87d5b8432db51d821cbfe3dc9caa4e3626a9ffc84cb0a2f495b9bdb67094530
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbf348e09ccb8df23ba4223cfd092f016b9d2fa4ff7a9e992fa5e063386d9691
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23
d6fb22f69d5f1cefc560e23bbf3c950325993c104f573bb9a61f13153b19cf98
d9ab311361c61b2e075141b7233aa73fdd6c8e7db46bf5dd3b1b722a81bc3375
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db7dca634a48eb7d3800096b7572b93bdf59ed2b20c03fd7f2fe54af3aa00b58
e185204fa23df0a129c6a5ac7e95b3254ee81a1def15b4d87aa489219fc183d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ceda656eb18354764f5c3d34e18cdd03af426ccbe766e6f76b7497ae25dc49
e76305d106f1ca56316b5c5d4ac4212034c6ca81530643f61a148fa0eee724d6
ed8e01eff86f6c07b4174cf04983d233a769e9a47a6596056dddd9c8b565c641
efb4dff53839a3d167e17bfb20955e799f4791e12d2c2a2a0344fa6cfd722969
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fbf2f8b0bcafcdfc47f42dfeacb7e877b927a78cc77f62d0ed9bdee2a2206bbf