URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Submission: On May 21 via manual from GB

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 109.73.175.3, located in United Kingdom and belongs to DIMENOC, US. The main domain is www.brokenbrowser.com.
This is the only time www.brokenbrowser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 109.73.175.3 33182 (DIMENOC)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
31 4
Domain Requested by
26 www.brokenbrowser.com www.brokenbrowser.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.brokenbrowser.com
www.google-analytics.com
1 fonts.googleapis.com www.brokenbrowser.com
31 4

This site contains links to these domains. Also see Links.

Domain
twitter.com
youtu.be
www.cracking.com.ar
goo.gl
www.amazon.com
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh

This page contains 1 frames:

Primary Page: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Frame ID: 23F4159FFC7A03836FFAA5CC21A3882D
Requests: 31 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

31
Requests

6 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

648 kB
Transfer

1090 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
60 KB
14 KB
Document
General
Full URL
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
95fd9f520a6e53f6451c3beb57c603bde8d6a4a35e7feded03d032197b58391b

Request headers

Host
www.brokenbrowser.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Link
<http://www.brokenbrowser.com/wp-json/>; rel="https://api.w.org/" <http://www.brokenbrowser.com/?p=1140>; rel=shortlink
Etag
"4615-1621353609;gz"
X-LiteSpeed-Cache
hit
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
14369
Date
Fri, 21 May 2021 13:31:55 GMT
Server
LiteSpeed
crayon.min.css
www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/css/min/
20 KB
4 KB
Stylesheet
General
Full URL
http://www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Sep 2016 17:45:01 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3947
Expires
Fri, 28 May 2021 13:31:55 GMT
vs2012-black.css
www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/themes/vs2012-black/
5 KB
1 KB
Stylesheet
General
Full URL
http://www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/themes/vs2012-black/vs2012-black.css
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
fe31bfe8b35fed624e465c50962ca5c704882ae52a3a153b15e2849e53f49a63

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Sep 2016 17:45:01 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
702
Expires
Fri, 28 May 2021 13:31:55 GMT
monaco.css
www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/fonts/
529 B
579 B
Stylesheet
General
Full URL
http://www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Sep 2016 17:45:03 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
241
Expires
Fri, 28 May 2021 13:31:55 GMT
style.css
www.brokenbrowser.com/wp-content/themes/sahifa/
194 KB
36 KB
Stylesheet
General
Full URL
http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
c580e971d51a07f0457a60badc952bd714065257951559dddf0903c69a3d6c81

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Dec 2016 10:45:22 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
36074
Expires
Fri, 28 May 2021 13:31:55 GMT
skin.css
www.brokenbrowser.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/
7 KB
2 KB
Stylesheet
General
Full URL
http://www.brokenbrowser.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Dec 2016 10:45:22 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1319
Expires
Fri, 28 May 2021 13:31:55 GMT
css
fonts.googleapis.com/
752 B
883 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b6f05ab9333e008cdd3168183413a77142093a239a1878449373600a5f87749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.brokenbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 21 May 2021 13:31:55 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Fri, 21 May 2021 13:31:55 GMT
jquery.js
www.brokenbrowser.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
http://www.brokenbrowser.com/wp-includes/js/jquery/jquery.js
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 11:49:49 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33838
Expires
Fri, 28 May 2021 13:31:55 GMT
jquery-migrate.min.js
www.brokenbrowser.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
http://www.brokenbrowser.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 10:41:28 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4034
Expires
Fri, 28 May 2021 13:31:55 GMT
crayon.min.js
www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/js/min/
22 KB
7 KB
Script
General
Full URL
http://www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Sep 2016 17:45:01 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6808
Expires
Fri, 28 May 2021 13:31:55 GMT
01-normal-view.png
www.brokenbrowser.com/wp-content/uploads/2017/04/
38 KB
38 KB
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/uploads/2017/04/01-normal-view.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
89e892435ce4b5db37e30384d4ae28b3604a342274d5246a3fc3fc7142be00da

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 14 Apr 2017 15:34:14 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
38970
Expires
Fri, 28 May 2021 13:31:55 GMT
02-reading-view.png
www.brokenbrowser.com/wp-content/uploads/2017/04/
38 KB
38 KB
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/uploads/2017/04/02-reading-view.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
d097ab0d39ed06fe95a63e1d7416ee518dfd3ef212cfda47637c32121c8c62f0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 14 Apr 2017 15:34:15 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
38647
Expires
Fri, 28 May 2021 13:31:55 GMT
03-reading-view-protocol.png
www.brokenbrowser.com/wp-content/uploads/2017/04/
26 KB
27 KB
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/uploads/2017/04/03-reading-view-protocol.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
9ef6242c3b56874ee7230f4ecdf12910d3ed4d26e76b061edcc2e844bef1b14a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 14 Apr 2017 15:51:48 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
27051
Expires
Fri, 28 May 2021 13:31:55 GMT
04-redirect-non-refresh.png
www.brokenbrowser.com/wp-content/uploads/2017/04/
42 KB
42 KB
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/uploads/2017/04/04-redirect-non-refresh.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
4f14bf5f618c1729fd51854de6b372f12dc9363b1f3db8f66bd16c09c24ab943

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 14 Apr 2017 23:00:24 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
42865
Expires
Fri, 28 May 2021 13:31:55 GMT
05-google-redirect.png
www.brokenbrowser.com/wp-content/uploads/2017/04/
41 KB
41 KB
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/uploads/2017/04/05-google-redirect.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
aff56e10bd140a8add6e91378687deb2deb38f44490244ed1c5c662c26afb779

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 14 Apr 2017 23:30:11 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
41547
Expires
Fri, 28 May 2021 13:31:55 GMT
06-google-redirects-to-cracking.png
www.brokenbrowser.com/wp-content/uploads/2017/04/
40 KB
41 KB
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/uploads/2017/04/06-google-redirects-to-cracking.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
2e3821d4b018a487d36144126e08a4c9531786cb69e6c6dc53cdf8b174062d12

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 14 Apr 2017 23:47:53 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
41311
Expires
Fri, 28 May 2021 13:31:55 GMT
07-svg-prompt.png
www.brokenbrowser.com/wp-content/uploads/2017/04/
19 KB
19 KB
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/uploads/2017/04/07-svg-prompt.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
d99c22a7d78bbe86fb2c31319ba17b3ccd562a5a5b34953468534661e06a9db8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Sat, 15 Apr 2017 02:35:08 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
19468
Expires
Fri, 28 May 2021 13:31:55 GMT
08-accessing-the-top.png
www.brokenbrowser.com/wp-content/uploads/2017/04/
27 KB
28 KB
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/uploads/2017/04/08-accessing-the-top.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
d8c2a42a51394a13760a56cf6eea99bb4d572196542846e3fc44af06603b7a30

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Sat, 15 Apr 2017 03:22:38 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
27919
Expires
Fri, 28 May 2021 13:31:55 GMT
09-full-document-write.png
www.brokenbrowser.com/wp-content/uploads/2017/04/
29 KB
29 KB
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/uploads/2017/04/09-full-document-write.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
bc6bf841180784a4f7904caae38ab3d45aff949a37757ce76419e6a5060d0e35

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Sun, 16 Apr 2017 14:20:54 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29724
Expires
Fri, 28 May 2021 13:31:55 GMT
tie-scripts.js
www.brokenbrowser.com/wp-content/themes/sahifa/js/
78 KB
23 KB
Script
General
Full URL
http://www.brokenbrowser.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
f7b4a5ee711db465e287737f1e7c9f5460a8db46104142efea00bba674b7abc4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Dec 2016 10:45:21 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
23332
Expires
Fri, 28 May 2021 13:31:55 GMT
ilightbox.packed.js
www.brokenbrowser.com/wp-content/themes/sahifa/js/
75 KB
23 KB
Script
General
Full URL
http://www.brokenbrowser.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Dec 2016 10:45:21 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
23190
Expires
Fri, 28 May 2021 13:31:55 GMT
wp-embed.min.js
www.brokenbrowser.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://www.brokenbrowser.com/wp-includes/js/wp-embed.min.js
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 18:49:56 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
741
Expires
Fri, 28 May 2021 13:31:55 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.brokenbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3903
date
Fri, 21 May 2021 12:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 21 May 2021 14:26:52 GMT
body-bg7.png
www.brokenbrowser.com/wp-content/themes/sahifa/images/patterns/
21 KB
21 KB
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/themes/sahifa/images/patterns/body-bg7.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 09 Dec 2016 10:45:23 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21146
Expires
Fri, 28 May 2021 13:31:55 GMT
stripe.png
www.brokenbrowser.com/wp-content/themes/sahifa/images/
93 B
384 B
Image
General
Full URL
http://www.brokenbrowser.com/wp-content/themes/sahifa/images/stripe.png
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 09 Dec 2016 10:45:22 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
93
Expires
Fri, 28 May 2021 13:31:55 GMT
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/
21 KB
21 KB
Font
General
Full URL
http://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.brokenbrowser.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 15:44:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Feb 2020 01:56:42 GMT
Server
sffe
Age
78431
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
21232
X-XSS-Protection
0
Expires
Fri, 20 May 2022 15:44:44 GMT
fontawesome-webfont.woff2
www.brokenbrowser.com/wp-content/themes/sahifa/fonts/fontawesome/
70 KB
70 KB
Font
General
Full URL
http://www.brokenbrowser.com/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Pragma
no-cache
Origin
http://www.brokenbrowser.com
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
Connection
keep-alive
Cache-Control
no-cache
Origin
http://www.brokenbrowser.com
Referer
http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 09 Dec 2016 10:45:22 GMT
Server
LiteSpeed
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
71896
Content-Type
font/woff2
BebasNeue-webfont.woff
www.brokenbrowser.com/wp-content/themes/sahifa/fonts/BebasNeue/
20 KB
20 KB
Font
General
Full URL
http://www.brokenbrowser.com/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Pragma
no-cache
Origin
http://www.brokenbrowser.com
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
Connection
keep-alive
Cache-Control
no-cache
Origin
http://www.brokenbrowser.com
Referer
http://www.brokenbrowser.com/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 09 Dec 2016 10:45:22 GMT
Server
LiteSpeed
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
19996
Content-Type
font/woff
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/
22 KB
22 KB
Font
General
Full URL
http://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.brokenbrowser.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 16 May 2021 03:48:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Feb 2020 02:52:18 GMT
Server
sffe
Age
466980
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
22340
X-XSS-Protection
0
Expires
Mon, 16 May 2022 03:48:55 GMT
monaco-webfont.woff
www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/
21 KB
21 KB
Font
General
Full URL
http://www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/monaco-webfont.woff
Requested by
Host: www.brokenbrowser.com
URL: http://www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css
Protocol
HTTP/1.1
Server
109.73.175.3 , United Kingdom, ASN33182 (DIMENOC, US),
Reverse DNS
109-73-175-3.static.hostdime.com
Software
LiteSpeed /
Resource Hash
9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567

Request headers

Pragma
no-cache
Origin
http://www.brokenbrowser.com
Accept-Encoding
gzip, deflate
Host
www.brokenbrowser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css
Connection
keep-alive
Cache-Control
no-cache
Origin
http://www.brokenbrowser.com
Referer
http://www.brokenbrowser.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:31:55 GMT
Last-Modified
Fri, 02 Sep 2016 17:45:03 GMT
Server
LiteSpeed
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21372
Content-Type
font/woff
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1344578867&t=pageview&_s=1&dl=http%3A%2F%2Fwww.brokenbrowser.com%2Fsop-bypass-abusing-read-protocol%2F&ul=en-us&de=UTF-8&dt=SOP%20bypass%20courtesy%20of%20the%20reading%20mode%20(Edge)%20%E2%80%93%20Broken%20Browser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=490611563&gjid=1250426127&cid=1047446128.1621603915&tid=UA-85969340-1&_gid=1950977156.1621603915&_r=1&_slc=1&z=1849904190
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.brokenbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 May 2021 13:31:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.brokenbrowser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| CrayonSyntaxSettings object| CrayonSyntaxStrings function| jQueryCrayon object| CrayonUtil object| jqueryPopup function| popupWindow function| popdownWindow object| CrayonSyntax string| GoogleAnalyticsObject function| ga object| tie function| createTicker boolean| isInTag function| typetext object| tie_isMobile function| tie_SmothScroll object| html5 object| Modernizr function| yepnope object| jQuery112407369169967186389 object| browserPrefixes object| wp string| currentURL string| currentDir object| GET object| $window object| $the_post object| $wrapper object| php_js boolean| isActive object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.brokenbrowser.com/ Name: _gat
Value: 1
.brokenbrowser.com/ Name: _gid
Value: GA1.2.1950977156.1621603915
.brokenbrowser.com/ Name: _ga
Value: GA1.2.1047446128.1621603915

1 Console Messages

Source Level URL
Text
console-api log URL: http://www.brokenbrowser.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
www.brokenbrowser.com
www.google-analytics.com
109.73.175.3
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:82f::200a
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e3821d4b018a487d36144126e08a4c9531786cb69e6c6dc53cdf8b174062d12
3b6f05ab9333e008cdd3168183413a77142093a239a1878449373600a5f87749
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4f14bf5f618c1729fd51854de6b372f12dc9363b1f3db8f66bd16c09c24ab943
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
89e892435ce4b5db37e30384d4ae28b3604a342274d5246a3fc3fc7142be00da
8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
95fd9f520a6e53f6451c3beb57c603bde8d6a4a35e7feded03d032197b58391b
9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567
9ef6242c3b56874ee7230f4ecdf12910d3ed4d26e76b061edcc2e844bef1b14a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
aff56e10bd140a8add6e91378687deb2deb38f44490244ed1c5c662c26afb779
bc6bf841180784a4f7904caae38ab3d45aff949a37757ce76419e6a5060d0e35
c580e971d51a07f0457a60badc952bd714065257951559dddf0903c69a3d6c81
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d097ab0d39ed06fe95a63e1d7416ee518dfd3ef212cfda47637c32121c8c62f0
d8c2a42a51394a13760a56cf6eea99bb4d572196542846e3fc44af06603b7a30
d99c22a7d78bbe86fb2c31319ba17b3ccd562a5a5b34953468534661e06a9db8
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
f7b4a5ee711db465e287737f1e7c9f5460a8db46104142efea00bba674b7abc4
fe31bfe8b35fed624e465c50962ca5c704882ae52a3a153b15e2849e53f49a63