hunt.io Open in urlscan Pro
35.71.142.77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away
Submission: On December 20 via api (December 20th 2024, 2:31:19 pm UTC) from IN — Scanned from DE

Summary HTTP 60 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 60 HTTP transactions. The main IP is 35.71.142.77, located in United States and belongs to AMAZON-02, US. The main domain is hunt.io.
TLS certificate: Issued by WR1 on December 1st 2024. Valid for: 3 months.

This is the only time hunt.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.71.142.77 35.71.142.77	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
51	2600:9000:272... 2600:9000:2724:c800:d:ada1:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.160.150.114 3.160.150.114	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:2400:d:6b42:4ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:310... 2606:4700:3108::ac42:2888	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:276... 2600:9000:2761:f800:10:9b9d:b9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
60	8

1 35.71.142.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com

hunt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2600:9000:2724:c800:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.160.150.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-114.fra60.r.cloudfront.net

events.framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:2400:d:6b42:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.framerstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3108::ac42:2888 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hunt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2761:f800:10:9b9d:b9c0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	framerusercontent.com framerusercontent.com — Cisco Umbrella Rank: 25787	1 MB
4	framer.com 2 redirects events.framer.com — Cisco Umbrella Rank: 40059 framer.com — Cisco Umbrella Rank: 36284	8 KB
4	hunt.io hunt.io app.hunt.io	356 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
1	framerstatic.com app.framerstatic.com — Cisco Umbrella Rank: 206034	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
60	6

	Domain	Requested by
51	framerusercontent.com	hunt.io framerusercontent.com
3	app.hunt.io	hunt.io
2	framer.com	2 redirects
2	events.framer.com	hunt.io events.framer.com
1	region1.google-analytics.com	www.googletagmanager.com
1	app.framerstatic.com	hunt.io
1	www.googletagmanager.com	hunt.io
1	hunt.io
60	8

This site contains links to these domains. Also see Links.

Domain
app.hunt.io
github.com
cofense.com
www.volexity.com
www.kuaidiyouhui.asia
www.zchyedu.com
x.com
www.linkedin.com

Subject Issuer	Validity	Valid
hunt.io WR1	`2024-12-01` - `2025-03-01`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
framerusercontent.com Amazon RSA 2048 M03	`2024-11-16` - `2025-12-14`	a year	crt.sh
events.framer.com Amazon RSA 2048 M03	`2024-04-09` - `2025-05-07`	a year	crt.sh
framerstatic.com Amazon RSA 2048 M02	`2024-09-22` - `2025-10-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away
Frame ID: BF0B4D34BB452AAE2097FA18207605F4
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gh0st and Pantegana: Two RATs that Refuse to Fade Away

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

60
Requests

97 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1823 kB
Transfer

5862 kB
Size

2
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://app.hunt.io/dashboard
Title: Login

Search URL Search Domain Scan URL

URL: https://github.com/cassanof/pantegana
Title: here

Search URL Search Domain Scan URL

URL: https://cofense.com/blog/open-source-gh0st-rat-still-haunting-inboxes-15-years-after-release/
Title: Cofense

Search URL Search Domain Scan URL

URL: https://www.volexity.com/blog/2022/06/15/driftingcloud-zero-day-sophos-firewall-exploitation-and-an-insidious-breach/
Title: Volexity

Search URL Search Domain Scan URL

URL: https://app.hunt.io/active-c2s
Title: https://app.hunt.io/active-c2s

Search URL Search Domain Scan URL

URL: http://www.kuaidiyouhui.asia/
Title: www.kuaidiyouhui.asia

Search URL Search Domain Scan URL

URL: http://www.zchyedu.com/
Title: www.zchyedu.com

Search URL Search Domain Scan URL

URL: https://github.com/qwqdanchun/DcRat
Title: https://github.com/qwqdanchun/DcRat

Search URL Search Domain Scan URL

URL: https://x.com/Huntio?t=tNAyMYy3rMSrq6u0XIpZRg&s=09

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hunt-intelligence-inc/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://framer.com/m/phosphor-icons/Sun.js@0.0.53 HTTP 302
https://framerusercontent.com/modules/wp6xzA2QrHTqCWJAsoKa/Hyhw8DdNtDxDqd366SY7/Sun.js

Request Chain 41

https://framer.com/m/phosphor-icons/Moon.js@0.0.53 HTTP 302
https://framerusercontent.com/modules/qdFz1d7MF7d8Wsxrv3Ew/tbOlJ2GGWCCiI25KWvfU/Moon.js

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request gh0st-and-pantegana-two-rats-that-refuse-to-fade-away Show response
hunt.io/blog/ 568 KB
45 KB 424ms
304ms Document
text/html 35.71.142.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.71.142.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0b1d980e1f2226c6.awsglobalaccelerator.com

Software

Framer/3281da1 /

Resource Hash

4dff80896665e85a73ad1b159b0bb3e10fa3d94bcf5d8b155a32fd2e3bf0c6c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 45975
content-type: text/html
date: Fri, 20 Dec 2024 14:31:12 GMT
etag: "ccccdd6607f8175b2195825ca822d7fb"
last-modified: Wed, 18 Dec 2024 17:20:22 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server: Framer/3281da1
server-timing: region;desc="eu-west-1", cache;desc="not-cached", ssg-status;desc="optimized", version;desc="3281da1"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 99ms
47ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CKJY21YJ7N

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ce1f879c04e091089964453047a58bd59c69003b198a00c3b3a0fd89672bdd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 20 Dec 2024 14:31:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 14:31:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109871
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 chunk-J73QJUT6.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 638 KB
184 KB 89ms
33ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-J73QJUT6.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8b3c03539d1657012443b146757a6fabd87fa0302e6f857c233c67c7fa1aff60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"10f2350475f28b5a89d27e8b3233c3e7"
x-amz-version-id: wFCWgTsnrZYU6MB1quwb8EvqbUB5kAT4
age: 160351
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: GALllxsEfCVpfZ-gREWBPOsBP5bFb1IYTwFUirXftibrXzXmA2nWgA==
date: Wed, 18 Dec 2024 17:58:43 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:13 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="GALllxsEfCVpfZ-gREWBPOsBP5bFb1IYTwFUirXftibrXzXmA2nWgA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-JR5VT52U.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 1 KB
1 KB 139ms
91ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-JR5VT52U.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8b91ee4af78a9558d2bbbc889b190d7c47647405fabc8ae5be1c014d6c938228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"8dc2caa5dfa40c0964a44a081b0b17d9"
x-amz-version-id: _8xnJxoEpvTiFxGHHyvVZ85IFf3u.3cf
age: 3268855
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: H1ZA55Kbk2STaHQ2CB4JQNpGUJCb945UodR_SoTwn3hPyQ5kCBmfsw==
date: Tue, 12 Nov 2024 18:30:19 GMT
content-type: text/javascript
last-modified: Tue, 12 Nov 2024 18:22:56 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="H1ZA55Kbk2STaHQ2CB4JQNpGUJCb945UodR_SoTwn3hPyQ5kCBmfsw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-RIUMFBNJ.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 447 B
1 KB 155ms
108ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-RIUMFBNJ.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
etag: "30ed32fa3444df726bb60d89113cf478"
x-amz-version-id: vYavs6UabxhB5PKPh4VT.q026xitGK6K
age: 8189235
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: GzHtx0rZ4S9d3-VLjP_VZf6MehHHvJA9G8NS8CneWBTrUDUaSKU00A==
date: Mon, 16 Sep 2024 19:43:59 GMT
content-type: text/javascript
last-modified: Mon, 16 Sep 2024 15:39:52 GMT
vary: Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="GzHtx0rZ4S9d3-VLjP_VZf6MehHHvJA9G8NS8CneWBTrUDUaSKU00A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 447
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 ta6g8804cUItITUduwyLAq6TfOSOHc9jy9XGOWm7ngQ.NYIUAFL3.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 380 KB
51 KB 140ms
93ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ta6g8804cUItITUduwyLAq6TfOSOHc9jy9XGOWm7ngQ.NYIUAFL3.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

380d53289aae04c44b3d18a0b2c4df365fbe7524bcf057cd6c0d6dcbb3721827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"8054083e6725df0419848dd05ce55ebb"
x-amz-version-id: HHOE90LOAQQ9wdhIH0DwSD0_UyDwkuwG
age: 154717
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: jR38kgAzlx54mc08gEePVuNHuyliKchBq0O3uqED_30nZqOOToLIhg==
date: Wed, 18 Dec 2024 19:32:37 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="jR38kgAzlx54mc08gEePVuNHuyliKchBq0O3uqED_30nZqOOToLIhg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-FFWPVOSO.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 3 KB
2 KB 76ms
29ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-FFWPVOSO.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

11410ff9d26d727b478233a525b9b01cd020a236b52791fa9292d300b47b70d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"bc2c107eba066be0603014b8e8f62fe2"
x-amz-version-id: hVOP0h6ab88qWr6Kc5xwGqhr40GvDk1H
age: 677960
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ioKtEoknKRRGsSKi9DENUMQUIb5qVLQ-TO41Mp9uHWbF2Q1i1yHbZg==
date: Thu, 12 Dec 2024 18:11:54 GMT
content-type: text/javascript
last-modified: Thu, 12 Dec 2024 17:50:58 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="ioKtEoknKRRGsSKi9DENUMQUIb5qVLQ-TO41Mp9uHWbF2Q1i1yHbZg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-66BE3LAA.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 250 KB
63 KB 156ms
110ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-66BE3LAA.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9837fc4c74d841519f1f7001cd549599deff16581d3c610143cc0be65ef1652d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"779b9f5b9df41959887216e1bcb723c8"
x-amz-version-id: 7ytVTeSdK.tD5_IHczs2_uJFmXfe9WSz
age: 154717
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: iZOVycwU32iHn6tJ7UN6Cq0zRVS7GC91T3AuS5lyRlJzqaoUj1AcNA==
date: Wed, 18 Dec 2024 19:32:37 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="iZOVycwU32iHn6tJ7UN6Cq0zRVS7GC91T3AuS5lyRlJzqaoUj1AcNA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-IQJXJS56.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 2 MB
462 KB 116ms
115ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-IQJXJS56.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0d483fb31b7baa932fb38d9e974bcca41a9ecfa605e0d540b66e54e39fe69f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"31dd62f5e78dc021748cb2e226a1a631"
x-amz-version-id: ha0.ZQo2WOP80YQTROckWsD0vmO7dcYH
age: 5515809
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: HDYKrDIhi2Lb9Zw_alwS1jnUBJNyaGesV1smvk-JEOUrSi3g0kNlYw==
date: Thu, 17 Oct 2024 18:21:05 GMT
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 17:21:59 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="HDYKrDIhi2Lb9Zw_alwS1jnUBJNyaGesV1smvk-JEOUrSi3g0kNlYw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=17
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-VMDAUC3K.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 19 KB
5 KB 106ms
105ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-VMDAUC3K.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

934a0090ea09dac177119e0604e09ff36cdfaaacdf4c32a01e6d63cdff28082f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"a46add8657ad1789aeca4c19d5a75c1a"
x-amz-version-id: bgPOD_.oYzjHi9S2rORa2f3c83.mubzJ
age: 154717
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 2p61mLff0TgAgEJ6SbvZXSVRbaRKristF5_hvRBDBvdYs9BZBvSNEA==
date: Wed, 18 Dec 2024 19:32:37 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="2p61mLff0TgAgEJ6SbvZXSVRbaRKristF5_hvRBDBvdYs9BZBvSNEA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=10
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-F53654VH.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 391 KB
57 KB 110ms
109ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-F53654VH.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

bdb9c4abf0c61c96ed5b2237c37aafcf3ca69eeda0f7a96130cfb76dfe0c6995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"92d94655841f0c4ec7b16749bd4e11ba"
x-amz-version-id: LHsRiZSw06IqjnXfHSU3lHajwJGXBGrC
age: 160351
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: REyTRG821XrOPHSWR4RvSNYACcBY8D-FRYcfLwDIH8ZEqUo1l5fwZA==
date: Wed, 18 Dec 2024 17:58:43 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:13 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="REyTRG821XrOPHSWR4RvSNYACcBY8D-FRYcfLwDIH8ZEqUo1l5fwZA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=13
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-SCNS7PGQ.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 55 KB
18 KB 137ms
136ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-SCNS7PGQ.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

3b28bbdcf425401f640c23417356ba6636dea9d26bb780793414191da3ac6016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"52a6e22815c1a806118cb6be60dedd85"
x-amz-version-id: sgMFU1wR__TlYbnvFPq2_5ssrKKCrkJX
age: 160351
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: TOH_F69pw7_81CaTdYDENuk1rD2szVuSIw63J__Tl_t0fiG9XXFEQA==
date: Wed, 18 Dec 2024 17:58:43 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:13 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="TOH_F69pw7_81CaTdYDENuk1rD2szVuSIw63J__Tl_t0fiG9XXFEQA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=21
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-ILJTUMOU.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 22 KB
5 KB 135ms
134ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-ILJTUMOU.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

93060a437366c0be0a28d1ed84767124fa3a8b4505cf10adefe10c1a59d31b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"5c5357eae35bdaf3d8853b42f1104790"
x-amz-version-id: Cem.D_zl2TSnR1L2gLj4qn4uYmGt2OC4
age: 154717
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ty3UPXWiSpAuUwjQYeXTPkKcXNCb8I-Ng4xToBobTKJi7cISrFwIag==
date: Wed, 18 Dec 2024 19:32:37 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="ty3UPXWiSpAuUwjQYeXTPkKcXNCb8I-Ng4xToBobTKJi7cISrFwIag==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=18
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-YKA5FSSU.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 145 KB
21 KB 107ms
106ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-YKA5FSSU.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b72ea8c627173c38dc5b7fb91a3454d5d270fd35f3b149c4fbf8fb8099406ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"99c26a2d0dbfe022230b702c7b977cca"
x-amz-version-id: kqaUS1YNf3P57UqWhYVAwsvy9tdnzpnD
age: 154717
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: vPPMeRI_2Xg9uvAdgDsGqcJiaFzzahs0MSBoidalWHOep-ea_7mBAQ==
date: Wed, 18 Dec 2024 19:32:37 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="vPPMeRI_2Xg9uvAdgDsGqcJiaFzzahs0MSBoidalWHOep-ea_7mBAQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=11
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-WVF3SRVA.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 781 B
2 KB 108ms
107ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-WVF3SRVA.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8314bcf42d268a6a05b1b31e44fe8a63a982831d240cff23cf155496f53ebe8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
etag: "3dcfce17100381d1455919b9ec2ff97d"
x-amz-version-id: S3UG5eu7n0GQJ0_RqaVSw.cA9G3oly2m
age: 105431
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: FASJCFvlI_Cao0Sg3CfilFkeUjuPAAw56mokX6lclnhVxHxGwzTuvA==
date: Thu, 19 Dec 2024 09:14:03 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="FASJCFvlI_Cao0Sg3CfilFkeUjuPAAw56mokX6lclnhVxHxGwzTuvA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=12
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 781
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-FR26L6T7.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 10 KB
2 KB 112ms
111ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-FR26L6T7.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

15480ef9225b1f55dfc1e24166773ce63bad28a494548643515fac4f15b9c31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"18f8641888fbf2f2e56a9e58d51b62e7"
x-amz-version-id: swD9uAA.85lExPaCh9fIzT9FfOampRYW
age: 154717
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: pbdC48EVABKltdhgvbxIb1zK_9RIcsCMBNk0Ig3ta2uHFgTKr9_efg==
date: Wed, 18 Dec 2024 19:32:37 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="pbdC48EVABKltdhgvbxIb1zK_9RIcsCMBNk0Ig3ta2uHFgTKr9_efg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=14
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-FMY46QBD.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 20 KB
5 KB 112ms
111ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-FMY46QBD.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

d7525fe1b379953d9cb9c710fb95950289ee4c733ba7a81037e3b215c08db802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"53a241a492f439acb3c68ae7c6e43758"
x-amz-version-id: YSs.vKoEuOwx.eYchsf9FbGxB7RG_9fv
age: 160351
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 7yybqEXmxvGY7RBkbdhmL_thybqIrbWri8f_bEBkNwCv9JzAouPbqw==
date: Wed, 18 Dec 2024 17:58:43 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:13 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="7yybqEXmxvGY7RBkbdhmL_thybqIrbWri8f_bEBkNwCv9JzAouPbqw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=15
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-URPGPU5E.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 700 B
2 KB 135ms
134ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-URPGPU5E.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

1eb831c9ea67d25e2d76aa8a3019cb3aa1afa360115725555c84483af4c09ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
etag: "9c8a492c1dfa360555f455ff9953eb91"
x-amz-version-id: _Ab7jXYeqhDgdfk39bSaNvJZm7WH0Abh
age: 105431
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: AwiZIp8iqqQ4BBg0RYuSEMjWngekC-7L5wdohfczDFcDnL89Qk8IlA==
date: Thu, 19 Dec 2024 09:14:03 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:13 GMT
vary: Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="AwiZIp8iqqQ4BBg0RYuSEMjWngekC-7L5wdohfczDFcDnL89Qk8IlA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=20
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 700
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-ZBRS4ARU.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 4 KB
3 KB 113ms
112ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-ZBRS4ARU.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cf01623bef352e80bf05bcccc0fe5989fb8cc599601c9cc68bc3990af350d01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"f8bac7eb906deb35bde9beec73df4278"
x-amz-version-id: AlvYTWIV2WfjtPz4sCqRzMac2BtAljHT
age: 160351
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: iXpIc3eH8PPd0kbhzqvazVSXRrAE9CpaGYU6W0soDrT3IgvHHVeUxg==
date: Wed, 18 Dec 2024 17:58:43 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:13 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="iXpIc3eH8PPd0kbhzqvazVSXRrAE9CpaGYU6W0soDrT3IgvHHVeUxg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=16
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 script_main.JWKODJRP.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 13 KB
7 KB 114ms
113ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ad0451f3c03e0d4c9a7b3022e738c46caf96b8d690a78e0c7e9872d5c780ce86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"eba7aa9e9b20a0c6474804ebc79ac2d1"
x-amz-version-id: jkWkROmR.ysPfAEA.eDAJu_5HudX4Lff
age: 160351
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: EJ9nELAAREgWi3w8aAfy17rhQtuUCT6rBJdv_6jKBVGlpeEq0YcUdw==
date: Wed, 18 Dec 2024 17:58:43 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:13 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="EJ9nELAAREgWi3w8aAfy17rhQtuUCT6rBJdv_6jKBVGlpeEq0YcUdw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=16
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 script Show response
events.framer.com/ 18 KB
7 KB 186ms
121ms Script
text/javascript 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.framer.com/script

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-114.fra60.r.cloudfront.net

Software

Resource Hash

89e61318afc569842f98ccd196ff7cfbb36ec69bad3af935dd5c7149b494fde4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length: 18177
timestamp: Fri, 20 Dec 2024 14:31:01 GMT
content-encoding: gzip
x-amz-apigw-id: DGDj1E6WIAMEVOw=
x-amzn-trace-id: Root=1-67657fb1-13a9b2fb42fe0f8f389bd56b
x-amzn-requestid: a0b16a30-bb23-4e54-bd2e-1bbc3112b92b
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 6204
x-amz-cf-id: vr0mGhsjFQ7KZgNYQ0-oDaM_9iFPQM5vV-HK8Eld4H8OvTg_iqwTiA==
date: Fri, 20 Dec 2024 14:31:13 GMT
content-type: text/javascript
x-amz-cf-pop: FRA60-P7

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1903ee47f38fb5a0b56ce197b51aa0e1be80b22ab3afcd1a466eb1ee536aa8b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 1ZFS7N918ojhhd0nQWdj3jz4w.woff2
framerusercontent.com/assets/ 27 KB
28 KB 117ms
101ms Font
font/woff2 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/1ZFS7N918ojhhd0nQWdj3jz4w.woff2

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cc324555c1cd681a59c27be1eda61da587d17bf71cc1ed8aa3e4a51e77907685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 3000
etag: "9a2dbfafd3686aa72cb303a41be28527"
x-amz-version-id: FhKj_VGbf4ha4CqtjcCeHMQzi9fH8cVU
age: 13571109
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: GLR1EujU7IrESktktcVQ60XUrcUdodrIjCAWqfhoZ0FoJBVNEu8mcA==
date: Tue, 16 Jul 2024 12:46:05 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 14:12:44 GMT
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="GLR1EujU7IrESktktcVQ60XUrcUdodrIjCAWqfhoZ0FoJBVNEu8mcA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28004
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: aws:kms

GET
H2 200 Inter-Medium.latin-Y3IVPL46.woff2
app.framerstatic.com/ 19 KB
20 KB 109ms
34ms Font
font/woff2 2600:9000:223e:2400:d:6b42:4ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.framerstatic.com/Inter-Medium.latin-Y3IVPL46.woff2

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:2400:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 3600
etag: "f366e7b832c6d0e8a2038665895c0762"
x-amz-version-id: null
age: 27110135
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: dTousVmMtwRmwk4Lpvpf9RwPp63f80eRoTHCe9k79_UvnLBxKAy9sw==
date: Sat, 10 Feb 2024 19:55:39 GMT
content-type: font/woff2
last-modified: Sat, 10 Feb 2024 12:18:59 GMT
x-frame-options: deny
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19904
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P4
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 vQyevYAyHtARFwPqUzQGpnDs.woff2
framerusercontent.com/assets/ 27 KB
28 KB 123ms
107ms Font
font/woff2 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/vQyevYAyHtARFwPqUzQGpnDs.woff2

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4107b11930c4eef1f6ae5a76d441562e6d21a601f1781f37fd085542cd87412b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 3000
etag: "a14a424239fd9cb2e305f2243b1f6177"
x-amz-version-id: SH9la86RvjI0NEj8MqfrPHVtgDnLUhAV
age: 13570944
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: v6NW74dOb-lfKFm21IWuadC2EJIRmO3Od3_9LR4ZIqCVS4pPYcI1Gg==
date: Tue, 16 Jul 2024 12:48:50 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 14:12:38 GMT
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="v6NW74dOb-lfKFm21IWuadC2EJIRmO3Od3_9LR4ZIqCVS4pPYcI1Gg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27404
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: aws:kms

GET
H2 200 kOWMU7BA0v3rI55MyNChIjzJJk.webp
framerusercontent.com/images/ 157 KB
158 KB 138ms
136ms Image
image/avif 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/kOWMU7BA0v3rI55MyNChIjzJJk.webp?scale-down-to=2048

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

997fb2ecebc476796c26ffc08e7dd30fcb9a7c2ddcebee1d9ad3ed1d00db917c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "7c9189fe18df60fde6ba8ba11c2c7abf"
age: 89295
x-content-type-options: nosniff
x-amzn-requestid: 072cc898-3579-4f90-a9c9-169acd54a19e
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: A8D2zmu5tNH7iNYBonMoWIebBDp8CdKuyVKZ2jSgNe7P9Bh-6W2m1A==
date: Thu, 19 Dec 2024 13:42:58 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="A8D2zmu5tNH7iNYBonMoWIebBDp8CdKuyVKZ2jSgNe7P9Bh-6W2m1A==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=104
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-676422de-4a6dd1dd7fac17e857cf5b8e;Parent=573ab09a32802d06;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 Way36x4YAG030oY95W956m4NMlE.webp
framerusercontent.com/images/ 11 KB
12 KB 41ms
40ms Image
image/avif 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Way36x4YAG030oY95W956m4NMlE.webp?scale-down-to=512

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c45a04caa3f1fe16f8370a14f4ab76be2388e1e84151e95a03ef234116de8907

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "53d8d1b4ba3b8e3985f9fd0e14a7b806"
age: 688741
x-content-type-options: nosniff
x-amzn-requestid: 1337ccec-d87d-4d88-a84d-9ef34e1d4cfc
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 6ZOXtzhv7Zykq-KVJGLhj7uKjNUP0KQZEmUjOwK2xhnpQGfkClojuA==
date: Thu, 12 Dec 2024 15:12:12 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="6ZOXtzhv7Zykq-KVJGLhj7uKjNUP0KQZEmUjOwK2xhnpQGfkClojuA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-675afd4c-687fa2f438b786b87d89fe68;Sampled=1;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 2iZKHFgbhhPbSXPJTCZSAjibSz0.webp
framerusercontent.com/images/ 14 KB
15 KB 75ms
75ms Image
image/avif 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2iZKHFgbhhPbSXPJTCZSAjibSz0.webp?scale-down-to=512

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8d7dbb5bd48cf785d70a7205170e43e1a5c20518cc56cbe3723588fc9367493a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "4b6222251476f799c2cb03871d43ce05"
age: 868228
x-content-type-options: nosniff
x-amzn-requestid: a0e9cb6c-1bb4-400f-b724-29d999ed8b91
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Lq0BaPaOq76Kd8KYnQM2kaMHPbOlMc8TRWHAcyRHovVggDpdPSexxw==
date: Tue, 10 Dec 2024 13:20:45 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="Lq0BaPaOq76Kd8KYnQM2kaMHPbOlMc8TRWHAcyRHovVggDpdPSexxw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=10
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6758402c-163635ef05757170620d0145;Parent=7ab6c9b0c89b8555;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 XFsFr3Y6HDDfkPLgSPRuhldm2g.webp
framerusercontent.com/images/ 13 KB
14 KB 70ms
69ms Image
image/avif 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/XFsFr3Y6HDDfkPLgSPRuhldm2g.webp?scale-down-to=512

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3228edf4ab6733ab80ece58cbaa333ec9aebfbba591ea10847f5f80d72718b87

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "c65ad346c5c1fa59ef847a1a28b06677"
age: 1211631
x-content-type-options: nosniff
x-amzn-requestid: f1739626-e2e0-47f7-9d0b-60276e653328
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: p_xdTzKYQkoQgjzY035WSSKQqa6lRJKb3v9IQ5rxgcsJX0sKQH8G9g==
date: Fri, 06 Dec 2024 13:57:22 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="p_xdTzKYQkoQgjzY035WSSKQqa6lRJKb3v9IQ5rxgcsJX0sKQH8G9g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-675302c2-74e6f9e405c89f60406ca132;Parent=7bc194a7b5529999;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 Wbt9vg2M3MLSUK6C8ZimtsouOws.webp
framerusercontent.com/images/ 13 KB
14 KB 80ms
79ms Image
image/avif 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Wbt9vg2M3MLSUK6C8ZimtsouOws.webp?scale-down-to=512

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

62e73c6143776d9d4b4008c49a5dfe8366f14377fc9468cd839fba9243d2b510

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "6e4452128dad288b01d3eed90d12f1d6"
age: 359973
x-content-type-options: nosniff
x-amzn-requestid: e79322bd-e3cf-486d-9020-4f2db479c7de
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 6OiyXZFY11wQ41fbpvl-qKo6oZhIxEZ3ZRifSUirr-ISGAK2bCxhGA==
date: Mon, 16 Dec 2024 10:31:40 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="6OiyXZFY11wQ41fbpvl-qKo6oZhIxEZ3ZRifSUirr-ISGAK2bCxhGA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=11
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6760018c-41d9d5280b492557093b4f8d;Parent=7ac783b3973ac60a;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 fOXtYSvzsNlw0tzPVKMsf72n0.png
framerusercontent.com/images/ 24 KB
25 KB 46ms
45ms Image
image/avif 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/fOXtYSvzsNlw0tzPVKMsf72n0.png?scale-down-to=2048

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e1d4e429bec9bc36a28143018ae0400faee2ea7ffe9442942794e016a094220c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "a5fd6921c78d186fd22e12abbea6a593"
age: 17289230
x-content-type-options: nosniff
x-amzn-requestid: 9df5ba47-2ec8-4bec-96e9-11a9fef30e48
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: xa12U_KbGYsbXeAOdmP5RHdVzaE6cP1KIy8Aa87RAe7SrjRrhh3o5g==
date: Mon, 03 Jun 2024 11:57:23 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="xa12U_KbGYsbXeAOdmP5RHdVzaE6cP1KIy8Aa87RAe7SrjRrhh3o5g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: root=1-665dafa2-42d508f768a18ae373bdb131;sampled=1;lineage=f456f256:0
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 DXD0Q7LSl7HEvDzucnyLnGBHM.woff2
framerusercontent.com/assets/ 27 KB
28 KB 110ms
104ms Font
font/woff2 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/DXD0Q7LSl7HEvDzucnyLnGBHM.woff2

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2dc968863319a6f57e6428a7b4c292ae254d3e462b5f23f71bab492317067d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://hunt.io/

Response headers

access-control-max-age: 3000
etag: "757ca4a792b8c7bbe09f6e6cee76e727"
x-amz-version-id: bCCG3uSnAgT3MLzz1ZSQU2cVkYB4Lve.
age: 13571109
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ew6dMv8lnAnvoa7vLJZwCI1YCMZF7PpG5l6e2koerhsZ0Ja_o7fP-Q==
date: Tue, 16 Jul 2024 12:46:05 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 14:11:33 GMT
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="ew6dMv8lnAnvoa7vLJZwCI1YCMZF7PpG5l6e2koerhsZ0Ja_o7fP-Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27992
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: aws:kms

GET
H2 200 figure_1.webp
app.hunt.io/images/blogs/ghost-and-pantegana/ 217 KB
218 KB 493ms
420ms Image
image/webp 2606:4700:3108::ac42:2888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.hunt.io/images/blogs/ghost-and-pantegana/figure_1.webp

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f6563c3ac22759064b34b10f231067c34d1a50016eac75999a41492e9e4fe36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

cf-cache-status: MISS
etag: "66682f4e-3629a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILpDNrU6EvxTHk%2FHCyMhywvTe8isCcQASjJ8Jrh91WDrvF1202VwlHN10fBLA6UOM0VYsY5384pws%2FCRBBRkrrr0XUiZsfYvjNk%2FNjJSuwt7GE%2BTkm0GcKK6WQeQFxIY1MeqUe8%2BNbqI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26898&min_rtt=21703&rtt_var=12867&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3979&recv_bytes=2348&delivery_rate=181726&cwnd=255&unsent_bytes=0&cid=706770eb2cfb9f43&ts=425&x=0"
date: Fri, 20 Dec 2024 14:31:14 GMT
content-type: image/webp
last-modified: Tue, 11 Jun 2024 11:04:46 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5055b71f14db0c-FRA
accept-ranges: bytes
content-length: 221850
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 figure_2.webp
app.hunt.io/images/blogs/ghost-and-pantegana/ 92 KB
93 KB 499ms
426ms Image
image/webp 2606:4700:3108::ac42:2888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.hunt.io/images/blogs/ghost-and-pantegana/figure_2.webp

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f541fb07cb82178daf91805821ba0bb448cec7d75652e65d09abb6f3e46816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

cf-cache-status: MISS
etag: "66682f4e-1704a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJJTWwX3a79DIV%2F%2FnrK29jXs2uAJ%2Fdroq2g%2FRRy4FVP3xkyDAGDPUqh97awzYHA2PuwMKiIdX8y8JVcZI29%2BuXdiYS7wQ5WJ3XqjoqFz%2Br5bo47M32QVB7%2BVrHaiao6lzcGd%2FMzlFGDV"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26898&min_rtt=21703&rtt_var=12867&sent=37&recv=13&lost=0&retrans=0&sent_bytes=35770&recv_bytes=2348&delivery_rate=181726&cwnd=255&unsent_bytes=0&cid=706770eb2cfb9f43&ts=431&x=0"
date: Fri, 20 Dec 2024 14:31:14 GMT
content-type: image/webp
last-modified: Tue, 11 Jun 2024 11:04:46 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5055b71f10db0c-FRA
accept-ranges: bytes
content-length: 94282
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 98ms
31ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CKJY21YJ7N&gtm=45je4cc1v9166211784za200&_p=1734705073629&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=670364617.1734705074&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734705073&sct=1&seg=0&dl=https%3A%2F%2Fhunt.io%2Fblog%2Fgh0st-and-pantegana-two-rats-that-refuse-to-fade-away&dt=Gh0st%20and%20Pantegana%3A%20Two%20RATs%20that%20Refuse%20to%20Fade%20Away&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=624
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CKJY21YJ7N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://hunt.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 14:31:13 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 anonymous
events.framer.com/ 0
380 B 381ms
379ms Ping
application/json 3.160.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: events.framer.com
URL: https://events.framer.com/script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-114.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://hunt.io/

Response headers

x-amz-apigw-id: DGDj4FLtoAMECmQ=
x-amzn-trace-id: Root=1-67657fb2-4f40b48b5e5426f123472471;Parent=0c3b33d3e5a75f42;Sampled=0;Lineage=1:c457ad49:0
x-amzn-requestid: 5da4b0a5-4426-4764-bec3-fbd9733c93df
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: N1-sSH6tGeHW-AMIy4TzDDMgEaeNzhQBav7zpZdoebanWBiQa1tBgQ==
date: Fri, 20 Dec 2024 14:31:14 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7

GET
H2 200 psEar9BZHC3V1ST6mGHxVJQfBxc.png
framerusercontent.com/images/ 391 B
1 KB 34ms
33ms Other
image/png 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/images/psEar9BZHC3V1ST6mGHxVJQfBxc.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1444a7eaffad2eae4dd0999fb1fd4c308e51876b70db2c4f1181c8a038f1f859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "939ec6fdc5062f6529950c37ab817812"
age: 17711687
x-content-type-options: nosniff
x-amzn-requestid: b0ac55ce-81d8-4ec5-a63d-b4e0230c1b65
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 0jO5G9QT0Pnl86VFswKnvF_KXYRAd9IqZtpNe3vpUCIOZcZuu4go8g==
date: Wed, 29 May 2024 14:36:26 GMT
content-type: image/png
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="0jO5G9QT0Pnl86VFswKnvF_KXYRAd9IqZtpNe3vpUCIOZcZuu4go8g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: root=1-66573d6a-4e285cd21e7c73b36b481c52;sampled=1;lineage=f456f256:0
content-security-policy-report-only: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 206 wvsIsx8BB-indexes-default.framercms Show response
framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/ 3 KB
4 KB 27ms
26ms Fetch
application/octet-stream 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/wvsIsx8BB-indexes-default.framercms

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-SCNS7PGQ.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

49f78c9fec4a900fc3f012ebbbe226c80ecbbf10aa2c6fee3b1a91b7db9e0f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=6983-10213
Referer: https://hunt.io/

Response headers

access-control-expose-headers: Content-Range
age: 72352
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: AjqaGSFoRhzNZwibFOlfolzYkbhLUQrGZh7C5PjObWxJPGBwJr_u1w==
date: Thu, 19 Dec 2024 18:25:22 GMT
content-type: application/octet-stream
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="AjqaGSFoRhzNZwibFOlfolzYkbhLUQrGZh7C5PjObWxJPGBwJr_u1w==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
Content-Range: bytes 6983-10213/279741
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
Content-Length: 3231
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H3 206 wvsIsx8BB-chunk-default-0.framercms Show response
framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/ 4 KB
5 KB 31ms
31ms Fetch
application/octet-stream 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/wvsIsx8BB-chunk-default-0.framercms

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-SCNS7PGQ.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

895c291b9a3093c490764655b301b2aad2f4d8469ea39a62e8a41513ce7daea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=142136-146431
Referer: https://hunt.io/

Response headers

access-control-expose-headers: Content-Range
age: 491217
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="K5lr6O7XCNTxD1hbJxb9pqHzRpSjMoHOyd3Tgyy9J79d3BiSiHyVAA==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 22:04:17 GMT
content-type: application/octet-stream
x-amz-cf-id: K5lr6O7XCNTxD1hbJxb9pqHzRpSjMoHOyd3Tgyy9J79d3BiSiHyVAA==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
Content-Range: bytes 142136-146431/251282
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
Content-Length: 4296
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H3 200 wvsIsx8BB-chunk-default-dict.framercms Show response
framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/ 31 KB
32 KB 32ms
32ms Fetch
application/octet-stream 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/wvsIsx8BB-chunk-default-dict.framercms

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-SCNS7PGQ.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9840333452f256bc5bbe041f4b3a5e1a47a11cc6ece9fb70ed0dcd3b9eb1744c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

access-control-expose-headers: Content-Range
age: 44707
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="5hRjqG9C5J1kuWxjtzTnCePeaDlckkhmuyZIbqAh_PmMTJ-fEKpeJw==",cdn-downstream-fbl=1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 02:06:07 GMT
content-type: application/octet-stream
x-amz-cf-id: 5hRjqG9C5J1kuWxjtzTnCePeaDlckkhmuyZIbqAh_PmMTJ-fEKpeJw==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 32000
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H3 206 wvsIsx8BB-indexes-default.framercms Show response
framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/ 1 KB
2 KB 32ms
32ms Fetch
application/octet-stream 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/wvsIsx8BB-indexes-default.framercms

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-SCNS7PGQ.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4b77ebe5c461a1010512970dc5019b2de6eb00b168f4d409d839fe2eed116879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-1252
Referer: https://hunt.io/

Response headers

access-control-expose-headers: Content-Range
age: 72352
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="DCMFyx5MlDAOSzeunmjtANIFcgUXshhjeh3Br-vRy2bFRASZ6NOtqg==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 18:25:22 GMT
content-type: application/octet-stream
x-amz-cf-id: DCMFyx5MlDAOSzeunmjtANIFcgUXshhjeh3Br-vRy2bFRASZ6NOtqg==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
Content-Range: bytes 0-1252/279741
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
Content-Length: 1253
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H3

200

Sun.js Show response
framerusercontent.com/modules/wp6xzA2QrHTqCWJAsoKa/Hyhw8DdNtDxDqd366SY7/
Redirect Chain

https://framer.com/m/phosphor-icons/Sun.js@0.0.53
https://framerusercontent.com/modules/wp6xzA2QrHTqCWJAsoKa/Hyhw8DdNtDxDqd366SY7/Sun.js

5 KB
2 KB

31ms
31ms

Script
text/javascript

2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/wp6xzA2QrHTqCWJAsoKa/Hyhw8DdNtDxDqd366SY7/Sun.js

Protocol

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e77e2400288b5496592bb75f3d2c61871d947b1705f8a2d98c4bdea3a8ebbadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://framerusercontent.com/

Response headers

access-control-expose-headers: Content-Range
content-encoding: br
age: 303341
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="13yr4YVm-Za-yeHEY-l5RwkN4g7DsIijWtHtlXdn9ike92wEfJ5XIw==",cdn-downstream-fbl=1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Tue, 17 Dec 2024 02:15:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-id: 13yr4YVm-Za-yeHEY-l5RwkN4g7DsIijWtHtlXdn9ike92wEfJ5XIw==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

Redirect headers

access-control-expose-headers: Content-Range
age: 19
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: kYUBmN3-QAaoyN1Qp3UtptXV7thZK9b_Eivy-b8D4WtviKwnE7deEg==
date: Fri, 20 Dec 2024 14:30:55 GMT
content-type: text/html; charset=utf-8
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600
location: https://framerusercontent.com/modules/wp6xzA2QrHTqCWJAsoKa/Hyhw8DdNtDxDqd366SY7/Sun.js
referrer-policy: strict-origin-when-cross-origin
via: 1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 109
x-xss-protection: 0
x-amz-cf-pop: FRA60-P8

GET
H3

200

Moon.js Show response
framerusercontent.com/modules/qdFz1d7MF7d8Wsxrv3Ew/tbOlJ2GGWCCiI25KWvfU/
Redirect Chain

https://framer.com/m/phosphor-icons/Moon.js@0.0.53
https://framerusercontent.com/modules/qdFz1d7MF7d8Wsxrv3Ew/tbOlJ2GGWCCiI25KWvfU/Moon.js

4 KB
2 KB

32ms
31ms

Script
text/javascript

2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/qdFz1d7MF7d8Wsxrv3Ew/tbOlJ2GGWCCiI25KWvfU/Moon.js

Protocol

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cf51594b76c66c43206e9aa471baec6a92594ea6b8cbead1b40f445468de76e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://framerusercontent.com/

Response headers

access-control-expose-headers: Content-Range
content-encoding: br
age: 108767
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="pv_wdEUbOgqBmolGL1g66oC_l8G_t_5yECmsr38ASocDJaZz5tkScA==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 08:18:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-id: pv_wdEUbOgqBmolGL1g66oC_l8G_t_5yECmsr38ASocDJaZz5tkScA==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

Redirect headers

access-control-expose-headers: Content-Range
age: 2076
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 0K9rfN3R1w0Fpw1LRwty0TyAkyUqCsFSMeORc3IpetXsr-Jg83uy6Q==
date: Fri, 20 Dec 2024 13:56:38 GMT
content-type: text/html; charset=utf-8
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600
location: https://framerusercontent.com/modules/qdFz1d7MF7d8Wsxrv3Ew/tbOlJ2GGWCCiI25KWvfU/Moon.js
referrer-policy: strict-origin-when-cross-origin
via: 1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 110
x-xss-protection: 0
x-amz-cf-pop: FRA60-P8

GET
H2 200 figure_1.webp
app.hunt.io/images/blogs/ghost-and-pantegana/ 217 KB
0 0ms
0ms Image
image/webp 2606:4700:3108::ac42:2888
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.hunt.io/images/blogs/ghost-and-pantegana/figure_1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2888 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f6563c3ac22759064b34b10f231067c34d1a50016eac75999a41492e9e4fe36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

cf-cache-status: MISS
etag: "66682f4e-3629a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILpDNrU6EvxTHk%2FHCyMhywvTe8isCcQASjJ8Jrh91WDrvF1202VwlHN10fBLA6UOM0VYsY5384pws%2FCRBBRkrrr0XUiZsfYvjNk%2FNjJSuwt7GE%2BTkm0GcKK6WQeQFxIY1MeqUe8%2BNbqI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26898&min_rtt=21703&rtt_var=12867&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3979&recv_bytes=2348&delivery_rate=181726&cwnd=255&unsent_bytes=0&cid=706770eb2cfb9f43&ts=425&x=0"
date: Fri, 20 Dec 2024 14:31:14 GMT
content-type: image/webp
last-modified: Tue, 11 Jun 2024 11:04:46 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f5055b71f14db0c-FRA
accept-ranges: bytes
content-length: 221850
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 206 wvsIsx8BB-indexes-default.framercms Show response
framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/ 594 B
1 KB 34ms
33ms Fetch
application/octet-stream 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/wvsIsx8BB-indexes-default.framercms

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-SCNS7PGQ.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

017a0615222ff277161363f5f920b7dfcc13be95b437641801b01294638c16ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=13950-14543
Referer: https://hunt.io/

Response headers

access-control-expose-headers: Content-Range
age: 72352
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="XaBG1Fc7pldTGBeQ_OuN9qGKMuhEMTcSSBQcLZxGQ47jID2MUYt58A==",cdn-downstream-fbl=3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 18:25:22 GMT
content-type: application/octet-stream
x-amz-cf-id: XaBG1Fc7pldTGBeQ_OuN9qGKMuhEMTcSSBQcLZxGQ47jID2MUYt58A==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
Content-Range: bytes 13950-14543/279741
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
Content-Length: 594
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H3 206 wvsIsx8BB-chunk-default-0.framercms Show response
framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/ 7 KB
8 KB 35ms
35ms Fetch
application/octet-stream 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/modules/drpNeVQopLY1P5khDike/e0wqswTdgdtVKWVegybm/wvsIsx8BB-chunk-default-0.framercms

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-SCNS7PGQ.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9c7377b8200cb0ad88c8bda201d8d3294c4774a15a3d20bc08baa4d4655c31ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=4-7343
Referer: https://hunt.io/

Response headers

access-control-expose-headers: Content-Range
age: 491217
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="9KEKuSKOLA0f1uO-Ywrt4s72Ht2y8e-949cN5E2m0a41KiY6MPrjVA==",cdn-downstream-fbl=6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 22:04:17 GMT
content-type: application/octet-stream
x-amz-cf-id: 9KEKuSKOLA0f1uO-Ywrt4s72Ht2y8e-949cN5E2m0a41KiY6MPrjVA==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, immutable
timing-allow-origin: *
Content-Range: bytes 4-7343/251282
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
Content-Length: 7340
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 Way36x4YAG030oY95W956m4NMlE.webp
framerusercontent.com/images/ 11 KB
0 0ms
0ms Image
image/avif 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Way36x4YAG030oY95W956m4NMlE.webp?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c45a04caa3f1fe16f8370a14f4ab76be2388e1e84151e95a03ef234116de8907

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "53d8d1b4ba3b8e3985f9fd0e14a7b806"
age: 688741
x-content-type-options: nosniff
x-amzn-requestid: 1337ccec-d87d-4d88-a84d-9ef34e1d4cfc
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 6ZOXtzhv7Zykq-KVJGLhj7uKjNUP0KQZEmUjOwK2xhnpQGfkClojuA==
date: Thu, 12 Dec 2024 15:12:12 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="6ZOXtzhv7Zykq-KVJGLhj7uKjNUP0KQZEmUjOwK2xhnpQGfkClojuA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=8
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-675afd4c-687fa2f438b786b87d89fe68;Sampled=1;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 2iZKHFgbhhPbSXPJTCZSAjibSz0.webp
framerusercontent.com/images/ 14 KB
0 1ms
1ms Image
image/avif 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2iZKHFgbhhPbSXPJTCZSAjibSz0.webp?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8d7dbb5bd48cf785d70a7205170e43e1a5c20518cc56cbe3723588fc9367493a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "4b6222251476f799c2cb03871d43ce05"
age: 868228
x-content-type-options: nosniff
x-amzn-requestid: a0e9cb6c-1bb4-400f-b724-29d999ed8b91
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Lq0BaPaOq76Kd8KYnQM2kaMHPbOlMc8TRWHAcyRHovVggDpdPSexxw==
date: Tue, 10 Dec 2024 13:20:45 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="Lq0BaPaOq76Kd8KYnQM2kaMHPbOlMc8TRWHAcyRHovVggDpdPSexxw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=10
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6758402c-163635ef05757170620d0145;Parent=7ab6c9b0c89b8555;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 XFsFr3Y6HDDfkPLgSPRuhldm2g.webp
framerusercontent.com/images/ 13 KB
0 0ms
0ms Image
image/avif 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/XFsFr3Y6HDDfkPLgSPRuhldm2g.webp?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3228edf4ab6733ab80ece58cbaa333ec9aebfbba591ea10847f5f80d72718b87

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "c65ad346c5c1fa59ef847a1a28b06677"
age: 1211631
x-content-type-options: nosniff
x-amzn-requestid: f1739626-e2e0-47f7-9d0b-60276e653328
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: p_xdTzKYQkoQgjzY035WSSKQqa6lRJKb3v9IQ5rxgcsJX0sKQH8G9g==
date: Fri, 06 Dec 2024 13:57:22 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="p_xdTzKYQkoQgjzY035WSSKQqa6lRJKb3v9IQ5rxgcsJX0sKQH8G9g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=9
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-675302c2-74e6f9e405c89f60406ca132;Parent=7bc194a7b5529999;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H2 200 Wbt9vg2M3MLSUK6C8ZimtsouOws.webp
framerusercontent.com/images/ 13 KB
0 2ms
2ms Image
image/avif 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/Wbt9vg2M3MLSUK6C8ZimtsouOws.webp?scale-down-to=512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

62e73c6143776d9d4b4008c49a5dfe8366f14377fc9468cd839fba9243d2b510

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hunt.io/

Response headers

etag: "6e4452128dad288b01d3eed90d12f1d6"
age: 359973
x-content-type-options: nosniff
x-amzn-requestid: e79322bd-e3cf-486d-9020-4f2db479c7de
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 6OiyXZFY11wQ41fbpvl-qKo6oZhIxEZ3ZRifSUirr-ISGAK2bCxhGA==
date: Mon, 16 Dec 2024 10:31:40 GMT
content-type: image/avif
vary: Accept
x-frame-options: deny
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="6OiyXZFY11wQ41fbpvl-qKo6oZhIxEZ3ZRifSUirr-ISGAK2bCxhGA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=11
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6760018c-41d9d5280b492557093b4f8d;Parent=7ac783b3973ac60a;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6331d4bbb4ca00ba6bb24a0730ab986c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12

GET
H3 200 Jl3Kv7P-kDAXGrkG_Y3TePXcWEHsZdHVwzyhfgdi4S8.Z3PP3SHS.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 97 KB
13 KB 32ms
32ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/Jl3Kv7P-kDAXGrkG_Y3TePXcWEHsZdHVwzyhfgdi4S8.Z3PP3SHS.mjs

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a1a7c8378b9fd011ac6eb20ee65eb2b09c648bd819be2dd1e2699914b3a3c776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"8bf2d736df8605a9f3ead6e404c11dbb"
x-amz-version-id: mPbX1a_jipYcXH1XyUO3HLA6ut14vwjQ
age: 160352
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="cZC-BbjqxD1ZL3esVDr1td3tXSF3S9r21UhqeXv3nf5TZXOsopEs8A==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 17:58:43 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:13 GMT
vary: Accept-Encoding,Origin
x-amz-cf-id: cZC-BbjqxD1ZL3esVDr1td3tXSF3S9r21UhqeXv3nf5TZXOsopEs8A==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 zhL8nU7XNNGFRlAIY2FM-h62K_VrrSiSRyTqnUBhnM8.2ONAQ3L6.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 41 KB
8 KB 36ms
36ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/zhL8nU7XNNGFRlAIY2FM-h62K_VrrSiSRyTqnUBhnM8.2ONAQ3L6.mjs

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

89adc349755c267911da66468e4bc24adae2f53bf851388e17529c1843d92a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"af252ad5a6edd6fc85cdf8f9e88f1237"
x-amz-version-id: yzIkXe5jSJWgiaWzimWMHAFNdXjCoT4U
age: 154715
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="7q5KWXQaDc828fB3PYtXxvA3c38PoEeRWMFRPtTTwXyywPlv-EL_Iw==",cdn-downstream-fbl=5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 19:32:40 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Accept-Encoding,Origin
x-amz-cf-id: 7q5KWXQaDc828fB3PYtXxvA3c38PoEeRWMFRPtTTwXyywPlv-EL_Iw==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 zf7oaQsVisvCUlpUMhEzxzxL1qwjjWU7pRoRegRYu8A.CPSBDKUK.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 45 KB
8 KB 38ms
37ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/zf7oaQsVisvCUlpUMhEzxzxL1qwjjWU7pRoRegRYu8A.CPSBDKUK.mjs

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a58d93c71d80fe6495733aed848ed9d2537503dbcb0974eaacac61cf39d55213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"07b92e44e8bfb173b0cbb86fa222b2f5"
x-amz-version-id: 93tSKpGlQqiqRtnJMqjoY0RH.VhhJ7r9
age: 154715
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="vW3xBw0uykb2kYIyVo2KaBWL3F7cs7tszWVl0HbrWoXZ08U1PnPsBQ==",cdn-downstream-fbl=3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 19:32:40 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Accept-Encoding,Origin
x-amz-cf-id: vW3xBw0uykb2kYIyVo2KaBWL3F7cs7tszWVl0HbrWoXZ08U1PnPsBQ==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 uGlNsLGsxLbZSRZ1mvzu3m0ZuvxWi0UMM-zLyu4GSN4.HVSLD37U.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 74 KB
11 KB 34ms
34ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/uGlNsLGsxLbZSRZ1mvzu3m0ZuvxWi0UMM-zLyu4GSN4.HVSLD37U.mjs

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

91b9eb9280efec1fdbcb56bb2385db1d1caaafea5a6ca7ea676f16b6e4deceba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"37fe282f7785846dc855a8324a0bfd06"
x-amz-version-id: C8swaXEW62eAoNRGCCVU96UYrylPZ4Kl
age: 154715
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="IFxR7LopRXolxbdKxTJgqpMSNFPx80cOsuPy0uA4bGRW7_2qsvFKYw==",cdn-downstream-fbl=3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 19:32:40 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:13 GMT
vary: Accept-Encoding,Origin
x-amz-cf-id: IFxR7LopRXolxbdKxTJgqpMSNFPx80cOsuPy0uA4bGRW7_2qsvFKYw==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 pRiwASxP9OJsmj9eXZodYhMZRAVY5w9eI5HAcshw2Vw.W3CFR3IX.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 91 KB
13 KB 33ms
32ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/pRiwASxP9OJsmj9eXZodYhMZRAVY5w9eI5HAcshw2Vw.W3CFR3IX.mjs

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

63c0d4d04db8ceb61f003d81ffe0431d560eaa25aa7733fcb153fc678468b4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/script_main.JWKODJRP.mjs

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"bb6d6c8b1623e55d7833070517546bc0"
x-amz-version-id: u.wouwOQwLuZs1DJND6MhLfIR5y02lcC
age: 154715
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="ygXCsMUW8RkBlU2j4R7FxpCoexDBOVKLw6CC3cy3WL8qW6wVqR8Q_A==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 19:32:40 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Accept-Encoding,Origin
x-amz-cf-id: ygXCsMUW8RkBlU2j4R7FxpCoexDBOVKLw6CC3cy3WL8qW6wVqR8Q_A==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 chunk-75KC3OJW.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 999 B
2 KB 33ms
33ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-75KC3OJW.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f8c7aece584727904d9ece558d571f0a745d505013a200a9e4382d293401e840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/zhL8nU7XNNGFRlAIY2FM-h62K_VrrSiSRyTqnUBhnM8.2ONAQ3L6.mjs

Response headers

access-control-max-age: 0
etag: "c8efc240356389f13cecc167c1012996"
x-amz-version-id: o4YHMjQ.oXSy6VZhcWaxh8uLt6h88EWw
age: 1857849
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="Oiywt6iWY70ASJf4gCINaXNpFSssVcEPDMhIGTx_AmG07F_-YipGag==",cdn-downstream-fbl=3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 02:27:06 GMT
content-type: text/javascript
last-modified: Thu, 28 Nov 2024 16:33:32 GMT
vary: Origin
x-amz-cf-id: Oiywt6iWY70ASJf4gCINaXNpFSssVcEPDMhIGTx_AmG07F_-YipGag==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 999
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 chunk-3OHOHP5K.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 1 KB
1 KB 31ms
31ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-3OHOHP5K.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

85423271cadc50e7a8873249d3ece6c62b3180112ac657e66347ce4241d31dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/Jl3Kv7P-kDAXGrkG_Y3TePXcWEHsZdHVwzyhfgdi4S8.Z3PP3SHS.mjs

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"0d3db3f4c9f52ed4383abbcc60719616"
x-amz-version-id: RGc_Ws_DDVt19gqO4V500uKpAg8wxHba
age: 4473734
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="I6BEpz0Shgsquw4-IbU_jT-I9VYvW9Qr2cUkLbD7V_DO2_GF0IlCVQ==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 19:49:00 GMT
content-type: text/javascript
last-modified: Tue, 29 Oct 2024 18:16:43 GMT
vary: Accept-Encoding,Origin
x-amz-cf-id: I6BEpz0Shgsquw4-IbU_jT-I9VYvW9Qr2cUkLbD7V_DO2_GF0IlCVQ==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 chunk-2GYV7IVM.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 933 B
2 KB 35ms
34ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-2GYV7IVM.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

195e5840ca8966eb3ab97a9eb1582e7375d49810416f043dd8378af918367b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/uGlNsLGsxLbZSRZ1mvzu3m0ZuvxWi0UMM-zLyu4GSN4.HVSLD37U.mjs

Response headers

access-control-max-age: 0
etag: "24298ba8391c7d23a5170e0e38318a28"
x-amz-version-id: 4vGIXYTq8ueJqN572Ig7jiu.3n5EU9ic
age: 8663026
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="MFjYCFiRaXkeIX9yc2oTVhJ1F3PK99iKojhlEhG7ZsHR4M4xnr6kXw==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Wed, 11 Sep 2024 08:07:29 GMT
content-type: text/javascript
last-modified: Tue, 10 Sep 2024 13:03:14 GMT
vary: Origin
x-amz-cf-id: MFjYCFiRaXkeIX9yc2oTVhJ1F3PK99iKojhlEhG7ZsHR4M4xnr6kXw==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 933
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 chunk-2MP2Z6KV.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 993 B
2 KB 33ms
33ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-2MP2Z6KV.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

20f16f669e39ddc2f4fce46463481ec43157c6d23258ec2f59f32a23c3d66a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/pRiwASxP9OJsmj9eXZodYhMZRAVY5w9eI5HAcshw2Vw.W3CFR3IX.mjs

Response headers

access-control-max-age: 0
etag: "a0270dad90dd051af03ad27f756ce88b"
x-amz-version-id: Xa6i0f68HFqGuYAYsjcBEL8VNbvS_6X7
age: 4882198
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="EfEq7reWFdbwGBT-7BF55FcqDp-FNm3n0wHRhOe4z-fm_WpH95wOWw==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Oct 2024 02:21:17 GMT
content-type: text/javascript
last-modified: Thu, 24 Oct 2024 17:21:26 GMT
vary: Origin
x-amz-cf-id: EfEq7reWFdbwGBT-7BF55FcqDp-FNm3n0wHRhOe4z-fm_WpH95wOWw==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 993
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 chunk-CVFGEIRU.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 16 KB
4 KB 37ms
37ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-CVFGEIRU.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

786810b6317d2b86f3a3cc35e127d5e1ae58f3f4ff417325768642d941941844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/pRiwASxP9OJsmj9eXZodYhMZRAVY5w9eI5HAcshw2Vw.W3CFR3IX.mjs

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"375ee4432c65af7895f7224b1c7d14d3"
x-amz-version-id: iSOSNsXzRyw3VlM3k3D1APlgz32BAMN4
age: 154714
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="xCeJJP_FG-vMKNQYI3xEjkpzvIXBFGdhgODXTlrZHGKEsaPB9o5Z1g==",cdn-downstream-fbl=1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 19:32:41 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 17:20:12 GMT
vary: Accept-Encoding,Origin
x-amz-cf-id: xCeJJP_FG-vMKNQYI3xEjkpzvIXBFGdhgODXTlrZHGKEsaPB9o5Z1g==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 chunk-W7PAJESI.mjs Show response
framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/ 997 B
2 KB 38ms
37ms Script
text/javascript 2600:9000:2724:c800:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/chunk-W7PAJESI.mjs

Requested by

Host: hunt.io
URL: https://hunt.io/blog/gh0st-and-pantegana-two-rats-that-refuse-to-fade-away

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2724:c800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

fd2c9f5458dff3221f07b1f32bb05b7d9fbf9e9f435448ed14ed1c273d0e493e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hunt.io
Referer: https://framerusercontent.com/sites/6JIWbys4J7luUrNMA4Ci7w/zf7oaQsVisvCUlpUMhEzxzxL1qwjjWU7pRoRegRYu8A.CPSBDKUK.mjs

Response headers

access-control-max-age: 0
etag: "7840196577db9a0c47d25a45b1404bd5"
x-amz-version-id: rZzGzmQf2m1qGMZetHMM9Ni1D68QMvdt
age: 1857849
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-hit-layer;desc="EDGE",cdn-rid;desc="XC7trJEr-DSQPS0WbRJP2D9TwSQdZ58qePGeVOOEh5lU6GCcfs8qnQ==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 02:27:06 GMT
content-type: text/javascript
last-modified: Thu, 28 Nov 2024 16:33:32 GMT
vary: Origin
x-amz-cf-id: XC7trJEr-DSQPS0WbRJP2D9TwSQdZ58qePGeVOOEh5lU6GCcfs8qnQ==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 997
x-xss-protection: 0
x-amz-cf-pop: FRA56-P12
server: CloudFront
x-amz-server-side-encryption: AES256

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hunt.io/	1970-01-21 11:27:45	Name: _ga_CKJY21YJ7N Value: GS1.1.1734705073.1.0.1734705073.0.0.0
			.hunt.io/	1970-01-21 11:27:45	Name: _ga Value: GA1.1.670364617.1734705074

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.framerstatic.com
app.hunt.io
events.framer.com
framer.com
framerusercontent.com
hunt.io
region1.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2600:9000:223e:2400:d:6b42:4ec0:93a1
2600:9000:2724:c800:d:ada1:a280:93a1
2600:9000:2761:f800:10:9b9d:b9c0:93a1
2606:4700:3108::ac42:2888
2a00:1450:4001:808::2008
3.160.150.114
35.71.142.77
017a0615222ff277161363f5f920b7dfcc13be95b437641801b01294638c16ea
0ce1f879c04e091089964453047a58bd59c69003b198a00c3b3a0fd89672bdd6
0d483fb31b7baa932fb38d9e974bcca41a9ecfa605e0d540b66e54e39fe69f6b
0f6563c3ac22759064b34b10f231067c34d1a50016eac75999a41492e9e4fe36
11410ff9d26d727b478233a525b9b01cd020a236b52791fa9292d300b47b70d7
1444a7eaffad2eae4dd0999fb1fd4c308e51876b70db2c4f1181c8a038f1f859
15480ef9225b1f55dfc1e24166773ce63bad28a494548643515fac4f15b9c31a
1903ee47f38fb5a0b56ce197b51aa0e1be80b22ab3afcd1a466eb1ee536aa8b3
195e5840ca8966eb3ab97a9eb1582e7375d49810416f043dd8378af918367b9f
1eb831c9ea67d25e2d76aa8a3019cb3aa1afa360115725555c84483af4c09ede
20f16f669e39ddc2f4fce46463481ec43157c6d23258ec2f59f32a23c3d66a8a
2dc968863319a6f57e6428a7b4c292ae254d3e462b5f23f71bab492317067d5f
3228edf4ab6733ab80ece58cbaa333ec9aebfbba591ea10847f5f80d72718b87
380d53289aae04c44b3d18a0b2c4df365fbe7524bcf057cd6c0d6dcbb3721827
3b28bbdcf425401f640c23417356ba6636dea9d26bb780793414191da3ac6016
4107b11930c4eef1f6ae5a76d441562e6d21a601f1781f37fd085542cd87412b
49f78c9fec4a900fc3f012ebbbe226c80ecbbf10aa2c6fee3b1a91b7db9e0f1d
4b77ebe5c461a1010512970dc5019b2de6eb00b168f4d409d839fe2eed116879
4dff80896665e85a73ad1b159b0bb3e10fa3d94bcf5d8b155a32fd2e3bf0c6c2
62e73c6143776d9d4b4008c49a5dfe8366f14377fc9468cd839fba9243d2b510
63c0d4d04db8ceb61f003d81ffe0431d560eaa25aa7733fcb153fc678468b4ea
786810b6317d2b86f3a3cc35e127d5e1ae58f3f4ff417325768642d941941844
80f541fb07cb82178daf91805821ba0bb448cec7d75652e65d09abb6f3e46816
8314bcf42d268a6a05b1b31e44fe8a63a982831d240cff23cf155496f53ebe8f
85423271cadc50e7a8873249d3ece6c62b3180112ac657e66347ce4241d31dc9
895c291b9a3093c490764655b301b2aad2f4d8469ea39a62e8a41513ce7daea1
89adc349755c267911da66468e4bc24adae2f53bf851388e17529c1843d92a96
89e61318afc569842f98ccd196ff7cfbb36ec69bad3af935dd5c7149b494fde4
8b3c03539d1657012443b146757a6fabd87fa0302e6f857c233c67c7fa1aff60
8b91ee4af78a9558d2bbbc889b190d7c47647405fabc8ae5be1c014d6c938228
8d7dbb5bd48cf785d70a7205170e43e1a5c20518cc56cbe3723588fc9367493a
91b9eb9280efec1fdbcb56bb2385db1d1caaafea5a6ca7ea676f16b6e4deceba
93060a437366c0be0a28d1ed84767124fa3a8b4505cf10adefe10c1a59d31b5c
934a0090ea09dac177119e0604e09ff36cdfaaacdf4c32a01e6d63cdff28082f
9837fc4c74d841519f1f7001cd549599deff16581d3c610143cc0be65ef1652d
9840333452f256bc5bbe041f4b3a5e1a47a11cc6ece9fb70ed0dcd3b9eb1744c
997fb2ecebc476796c26ffc08e7dd30fcb9a7c2ddcebee1d9ad3ed1d00db917c
9c7377b8200cb0ad88c8bda201d8d3294c4774a15a3d20bc08baa4d4655c31ae
a1a7c8378b9fd011ac6eb20ee65eb2b09c648bd819be2dd1e2699914b3a3c776
a58d93c71d80fe6495733aed848ed9d2537503dbcb0974eaacac61cf39d55213
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
ad0451f3c03e0d4c9a7b3022e738c46caf96b8d690a78e0c7e9872d5c780ce86
b72ea8c627173c38dc5b7fb91a3454d5d270fd35f3b149c4fbf8fb8099406ba8
bdb9c4abf0c61c96ed5b2237c37aafcf3ca69eeda0f7a96130cfb76dfe0c6995
c45a04caa3f1fe16f8370a14f4ab76be2388e1e84151e95a03ef234116de8907
c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf
cc324555c1cd681a59c27be1eda61da587d17bf71cc1ed8aa3e4a51e77907685
cf01623bef352e80bf05bcccc0fe5989fb8cc599601c9cc68bc3990af350d01c
cf51594b76c66c43206e9aa471baec6a92594ea6b8cbead1b40f445468de76e0
d7525fe1b379953d9cb9c710fb95950289ee4c733ba7a81037e3b215c08db802
e1d4e429bec9bc36a28143018ae0400faee2ea7ffe9442942794e016a094220c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77e2400288b5496592bb75f3d2c61871d947b1705f8a2d98c4bdea3a8ebbadd
f8c7aece584727904d9ece558d571f0a745d505013a200a9e4382d293401e840
fd2c9f5458dff3221f07b1f32bb05b7d9fbf9e9f435448ed14ed1c273d0e493e

hunt.io Open in urlscan Pro 35.71.142.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

75 %IPv6

6 Domains

8 Subdomains

8 IPs

2 Countries

1823 kBTransfer

5862 kBSize

2 Cookies

10 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hunt.io Open in urlscan Pro
35.71.142.77 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1823 kB
Transfer

5862 kB
Size

2
Cookies

60 HTTP transactions
1 data transactions