Submitted URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8...
Effective URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8...
Submission: On March 27 via manual from RU — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 105 HTTP transactions. The main IP is 162.159.152.4, located in and belongs to CLOUDFLARENET, US. The main domain is labs.guard.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 14th 2022. Valid for: a year.
This is the only time labs.guard.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 162.159.152.4 13335 (CLOUDFLAR...)
1 69 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2606:4700:7::... 13335 (CLOUDFLAR...)
2 2600:1f18:24e... 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.9.95.56 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
4 2600:9000:212... 16509 (AMAZON-02)
105 9
Apex Domain
Subdomains
Transfer
77 medium.com
medium.com — Cisco Umbrella Rank: 10702
glyph.medium.com — Cisco Umbrella Rank: 20448
cdn-client.medium.com — Cisco Umbrella Rank: 21158
miro.medium.com — Cisco Umbrella Rank: 15870
1014 KB
19 guard.io
labs.guard.io
57 KB
5 branch.io
cdn.branch.io — Cisco Umbrella Rank: 985
api2.branch.io — Cisco Umbrella Rank: 661
24 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
2 datadoghq.com
browser-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 5479
229 B
1 app.link
app.link — Cisco Umbrella Rank: 2007
597 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 899
6 KB
105 7
Domain Requested by
53 cdn-client.medium.com labs.guard.io
cdn-client.medium.com
19 labs.guard.io 1 redirects cdn-client.medium.com
14 miro.medium.com labs.guard.io
9 glyph.medium.com labs.guard.io
glyph.medium.com
4 api2.branch.io cdn-client.medium.com
2 www.google-analytics.com labs.guard.io
cdn-client.medium.com
2 browser-http-intake.logs.datadoghq.com cdn-client.medium.com
1 app.link cdn.branch.io
1 cdn.branch.io labs.guard.io
1 static.cloudflareinsights.com labs.guard.io
1 medium.com 1 redirects
105 11
Subject Issuer Validity Valid
labs.guard.io
Cloudflare Inc ECC CA-3
2022-11-14 -
2023-11-13
a year crt.sh
medium.com
Cloudflare Inc ECC CA-3
2023-02-21 -
2023-05-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-11 -
2023-05-10
a year crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-22 -
2024-03-22
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.branch.io
Amazon RSA 2048 M01
2023-02-21 -
2023-11-09
9 months crt.sh
appipv4.link
Amazon RSA 2048 M01
2023-02-24 -
2023-06-23
4 months crt.sh

This page contains 1 frames:

Primary Page: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Frame ID: 0EF7DB7FDF9596736E009448EE0631FE
Requests: 104 HTTP requests in this frame

Screenshot

Page Title

“FakeGPT”: New Variant of Fake-ChatGPT Chrome Extension Stealing Facebook Ad Accounts with Thousands of Daily Installs | by Guardio | Mar, 2023 | Medium

Page URL History Show full URLs

  1. https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-ac... HTTP 307
    https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-va... HTTP 307
    https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-ac... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

105
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

11
Subdomains

9
IPs

3
Countries

1121 kB
Transfer

3254 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282 HTTP 307
    https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282 HTTP 307
    https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
labs.guard.io/
Redirect Chain
  • https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
  • https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
  • https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
189 KB
44 KB
Document
General
Full URL
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f02ea437002186df42ccf6278348ca5f10fdf10a18f8951d650a8c0f653a9fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://medium.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ae706ce2ebc03dc-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://medium.com
content-type
text/html; charset=utf-8
date
Mon, 27 Mar 2023 10:42:26 GMT
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, lite/main-20230327-071906-014b73d21d, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
medium-missing-time
204
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
319
x-request-received-at
1679913745721

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ae706cd0c6b3614-FRA
content-length
0
content-type
text/plain;charset=UTF-8
date
Mon, 27 Mar 2023 10:42:25 GMT
location
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
worker-missing-cookies
1
x-content-type-options
nosniff
x-envoy-upstream-service-time
15
unbound.css
glyph.medium.com/css/
18 KB
1 KB
Stylesheet
General
Full URL
https://glyph.medium.com/css/unbound.css
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1713
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=7200
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7ae706d1ab2f3614-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Mon, 27 Mar 2023 12:42:26 GMT
manifest.476fcf85.js
cdn-client.medium.com/lite/static/js/
13 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a7798b932189586c10476725680d487c508de89bd1824df1b58d78e84af8430
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
0OrmtMQvKUaqbmWtrWbFxk.t13JGzU4C
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
GK6R4MVGKX8QMZ9M
age
219360
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
xP4qwoN9mHBNGoIxDaUgST+n+leU8fEpq+NUIa9d0IG3NBfSMezi+/h1PWApi+UlkeqgAFepQcc=
last-modified
Fri, 24 Mar 2023 21:17:16 GMT
server
cloudflare
etag
W/"1c6d35d2b000df4685401a90ad245941"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb723614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
105.9e1f764a.js
cdn-client.medium.com/lite/static/js/
762 KB
230 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5672352c6067919339803100571f773db22963c9a71b4a3e075f973655169dac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
1_IvNAK.i8OURs1ZHqipkYZXczu3tXI9
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
PYVVQJHMB3N6F8WM
age
249954
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
s1AgziJRoOBHoUHlqkjFgFht1dcDBmY2aJIrhi7BmqSvDZt0pCUo95gGwPaRNoH29nZLFEaX1fg=
last-modified
Fri, 24 Mar 2023 11:02:27 GMT
server
cloudflare
etag
W/"67aeb98535cc8867073b117116fe3d4e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb753614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
main.5b51cc7a.js
cdn-client.medium.com/lite/static/js/
770 KB
189 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109305b83312289d5b5026f82598c22c14fc16fa6c973ddbe8e049b59b27ae98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
iUr0ItycaMCfZsL.q78gtGOOE9q07K4b
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
MNK421M673S36VQ3
age
11122
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
txpV2EuY6nB6AXTN26Rm4KSff2trebmdbm/BEfVADzGnBYG5Efi9MHrOQ5lhqOXqqXrhrraj/WA=
last-modified
Mon, 27 Mar 2023 07:28:46 GMT
server
cloudflare
etag
W/"93d02494959f0be02ecc49a0ed769a75"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb733614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
instrumentation.c71f0248.chunk.js
cdn-client.medium.com/lite/static/js/
3 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/instrumentation.c71f0248.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
5yZx.RXNRFD2wk5kW8slm2OPTbsuZqQM
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
835SQSN2WCD6BDVB
age
1054418
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
CIbKMR+t1FwOgWV5FFaSjLXobXH66piRTPGhGH8z/BWltP4A8xUkL0PtGWirKXHw6vOBEepMsnQ=
last-modified
Wed, 07 Sep 2022 22:21:02 GMT
server
cloudflare
etag
W/"1c4019035217766e8fa41b4d396c90c0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1ab4f3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
reporting.bbdcaa9d.chunk.js
cdn-client.medium.com/lite/static/js/
1 KB
917 B
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/reporting.bbdcaa9d.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
hDbV.8OiTMB.Vn8rqDBCJ.dxBb4bMoaR
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
2R4YTKBCDDS6HF3J
age
1054441
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
hpLJFwZLVe3kLMmVyN1xu6SbW8NO3o//weOaZ5BXpjjUY6yHS7cvPj69YBWyN1dhbN/YbQe1UB4=
last-modified
Fri, 01 Jul 2022 00:11:40 GMT
server
cloudflare
etag
W/"72bc359fe3377069bd162b3be6ed3d05"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb7a3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
5642.36172d8f.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5642.36172d8f.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32579933fa7409a851f4fed587cb4a19111bf097eb787ba275666500c1dc1596
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
N5zfrX_fPDUkHADIaE9IDKP_E9o4ZXJV
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
YR1ZGVFT1MNTYCTH
age
318884
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
jMGCKZpGzM44arO02in2I0BYsPyPlVIFsc5ZXNzHfQBw3KY8qagbEVElI6vDQVHafDsuyPG4Eyg=
last-modified
Wed, 08 Mar 2023 20:47:45 GMT
server
cloudflare
etag
W/"96030f693a075a8ed90e715174adf06f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb803614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
799.361fd2fb.chunk.js
cdn-client.medium.com/lite/static/js/
30 KB
13 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/799.361fd2fb.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03339318237f203c39972793a5232b2c94f3ea7a2c814641ae62660d8dd6e02b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
QMhsOw..2z7t_WH9w.ZD6x4nreWG.vQr
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG33HRZ7DN7FBY2W
age
576266
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
JKaC1fn4iEDQS+SX7HMP5xGUVhmcDNQ9Cn4YrY0Sl/YORAv8Dp0FrFoMP3GMpoaYgZuLl5TdcGQ=
last-modified
Fri, 03 Mar 2023 20:16:01 GMT
server
cloudflare
etag
W/"3064a40f043f886dcc4f589b5706495b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb7d3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
1860.abea291f.chunk.js
cdn-client.medium.com/lite/static/js/
6 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1860.abea291f.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6173a1b363b6bffdf4ec8d533f260644b17cc6f8a747f2d4f529795a3cdf0c04
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
uS1tfjVEi120fx7YYvwb1tmcC69xBC_N
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CKH6YE43QJ55AQA6
age
575060
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Q2BPbM1yg27+tTLenM0rnN6OFZaeLeGLVxQ+u+6Q13qKVuysDCpWVYYfoGtG4AKACwHCX1oWUp0=
last-modified
Fri, 06 Jan 2023 21:37:55 GMT
server
cloudflare
etag
W/"85d86a66b898bcf1f697adede4c175db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb643614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
3838.7ae103cd.chunk.js
cdn-client.medium.com/lite/static/js/
7 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3838.7ae103cd.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0573eb7e1b3f0dbaad578ead6eb03bfbd6280ae5d9a2827ad95b260717410939
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
2W.hiqflZMS1Uu78pZoO3HKgXmMTqecm
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CKH3FJ3BAV5QG9A3
age
575060
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ZaIhFcLEkMb+8UMOJN8mZZ39MZMo1pkb+NEaDWNgT/xigPBH6WegPId2pY/Uacn7Qn7xh8faisc=
last-modified
Mon, 06 Mar 2023 18:50:07 GMT
server
cloudflare
etag
W/"7be8dacf1eb69da190ae2840037680db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb613614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
2905.c789e347.chunk.js
cdn-client.medium.com/lite/static/js/
11 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2905.c789e347.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6c7af4cf38f7cf7c3f086b94b3c188b80a3cd014d34b6d090cea7ab1bb83013
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
8tt6f_6G9YsHe4BJj_fx505leBX78r5k
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
VW6RZVTS4NQAZBF8
age
605376
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ooJ+PO9SoQ+VcpRoQbSXhTSPrV8a5lo1UIax/dCDUUEgX2DCjayB1BigKT72Ska8OO/CHDa3hX0=
last-modified
Fri, 17 Mar 2023 18:09:55 GMT
server
cloudflare
etag
W/"9b3e0c0bbf65a58c2460c99fac05466e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb683614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
8007.e7e42be3.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8007.e7e42be3.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae4a152dbc443cb2190ebe669b3604fa97bae75f8012b0364ffb2ff2d4def713
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
GCST7lvuIH0KJ0ZTnx.wLhYNBstOq8pl
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG36YP10HMAVEYNT
age
576266
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
tF5q+jafuBhzt+0SKoPKSaq6cCgnwGVA4BcgHoYQA16tBd96pb0AZZKir5g/qPdcj909ZK37kkA=
last-modified
Fri, 03 Mar 2023 20:16:01 GMT
server
cloudflare
etag
W/"70cde53a50943875dc8cdadc6cc02d19"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb663614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
8695.ac0f83b3.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8695.ac0f83b3.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50a979f6e8a062abeacd9791b81cbedbe908659d6bc12d73f1102167bfc41937
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
QHLtf7kDTyQGy0BXV0UCGe3J0J3T3OiS
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG31NKHVD77TXP3A
age
576266
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
FqYubMp9+/5UC9f6/cfezA9WW3lwATrYE6pbEFHLrK++2E+q+nJaEbWJTsqOteFXOGM5O35IW2o=
last-modified
Fri, 03 Mar 2023 20:16:02 GMT
server
cloudflare
etag
W/"de93ef1b6b3aae9065a3d952e34db489"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb6c3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
8.5980bcd4.chunk.js
cdn-client.medium.com/lite/static/js/
26 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8.5980bcd4.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b661a486215879018ecdf2463102d385f2c4fb74558fd15582e9f4844523d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
pJvmeAlpCD1R.goLN3jYFb7dMtAGD1zw
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CSJ5NY1QV5J2JWQP
age
924198
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
rFAMOZJmj+HO0YhJ4cJXyBRSKJbo7tCfv1y49srFaSbQakg/7BJ77llXjtWzlAVP84vXnp873Yw=
last-modified
Thu, 16 Mar 2023 13:52:09 GMT
server
cloudflare
etag
W/"90db6c8a443715167c389219177065f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb6b3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
9683.eb71cf3a.chunk.js
cdn-client.medium.com/lite/static/js/
38 KB
9 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9683.eb71cf3a.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b32f55e453df9dafb38e1526d6df303dad3082f9c3af5d02e051d43cc3fb88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
wJPPlW7zXhFKkO.Zm5Mb8nkuPPYKcotk
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
J8HKT1258VNQSAQR
age
405348
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
RmLpAg1fY9GfonyGDZgXgAYm14tbDuv17t4a/X0jmroeuAu8Ydgx3nYhne3K6qIWO87L7vKlIvQ=
last-modified
Mon, 20 Mar 2023 21:31:22 GMT
server
cloudflare
etag
W/"96f15df28268013294d7b40f7eb4d18a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb6e3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
9174.61ecc422.chunk.js
cdn-client.medium.com/lite/static/js/
98 KB
28 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9174.61ecc422.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c4e5c4fd526522c11301d87d90cd21092dbef86faeb8bc73c2b53331cefdf8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
xihLu7.5PboeJBp.CstIOqPBG6JyBE6u
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
YXV1KQ7SYERF4NM5
age
236741
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
HiRqb7NgnOJbDF5EbwnkTc94KjL/97L02zePQTXSYDowNXkHA5Q39pilho9c9CyzFCjnFeSotzE=
last-modified
Fri, 24 Mar 2023 16:47:40 GMT
server
cloudflare
etag
W/"610abbc261c6ea109677d73bcd7b1b39"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb6d3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
6714.db481b20.chunk.js
cdn-client.medium.com/lite/static/js/
13 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6714.db481b20.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
987b520121ba6601b336c4173fd71afba7c979fec402177956f0b6f251e63a42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
KldbtPfHtgxB1UEFzGJhV1zWUlOu6OjU
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG3C8562PMX9BCA9
age
576266
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
7C5CgdcVCYlVG158jTn1odly5FbMzsl6QcYCKTtBYxl2T4p8PQMZRaHynBNkg5yecqkI2FmXDTo=
last-modified
Fri, 03 Mar 2023 20:16:00 GMT
server
cloudflare
etag
W/"fb9c3f0df154ec7314bbcff0cb8c27b1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb823614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
5203.23a22ad8.chunk.js
cdn-client.medium.com/lite/static/js/
15 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5203.23a22ad8.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d19349e1a7fc17631e75d4434c94ded800f5bcb8cf8e019abe59369b9e574e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
uD1TB8JyXvDbJEXNxavvZswpYfa1t9.8
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
GSFGAJCPCBSTEX37
age
594069
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
KSOdEcL9rQFokNvNoFX4ZsWX2macqyPYpdFQa87GxIXH5h+v22v6M4Y/vfhgw8+HVRbRocAun0g=
last-modified
Fri, 17 Mar 2023 21:03:22 GMT
server
cloudflare
etag
W/"9fefde6e96381be6edeb30aa4a60c1b1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb6f3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
5472.a7dd22a2.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5472.a7dd22a2.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53ebfbcc9c25748543c93340d2eb361c3fae51ae63261e01e54758703593afc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
gSXxPhc0hcRrksmL2PGhPrVOkWw4VC83
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
TYK0PEA01R37Z2AF
age
1054441
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
/HTy1mXHJwPGew/xYMqQ7tFbF5Jg3lNbiP2FCK1QESRXm8fU5OQ78/pj2bTQ3xJ5WF5PwhIz13s=
last-modified
Fri, 21 Oct 2022 21:04:08 GMT
server
cloudflare
etag
W/"bfe1dd364c3e6da6632a1d6c3b6fb9a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb853614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
3283.a6b85089.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3283.a6b85089.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0134174dae124a376b9eda4f9991d1719140f1dd5743f7039ecee84a9a1293d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
I_v.LHtbKYSdtEHYOIUVOQP4oz3f1I9Z
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
CS8SMA8THJMSB0GF
age
1163606
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
UzpV0tLS24dslzmmo7i3j9aeY8bRNATAvYGKK8655fUA/AVGd2OPsDKL3VrWr3yD4zpjQqU/5DU=
last-modified
Thu, 09 Mar 2023 19:34:00 GMT
server
cloudflare
etag
W/"07410328db4630d7647ee936c45e01d0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb833614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
4129.9a8d63eb.chunk.js
cdn-client.medium.com/lite/static/js/
18 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4129.9a8d63eb.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2911927df6c0a93829e78411112c7814bc7b90ecb78c3656c43d501ce89a0a65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
WfRiIovzGKzIBXx4jbOQWkmNpcHVogDv
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KXWK4781GHTPM2HZ
age
594069
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
RTKe5BLNNRoS16c7G0hzDKiqJ5SbOsF6B/Rt02TBzB0RlDnwMBnbQm4r0DtnARaCP2xF+9mabiY=
last-modified
Fri, 17 Mar 2023 21:03:20 GMT
server
cloudflare
etag
W/"d6fa6c4407818897ed25daf584a5dd7c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb873614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
8580.e792aa8d.chunk.js
cdn-client.medium.com/lite/static/js/
19 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8580.e792aa8d.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0daa86ae7a8d02fd70a8eed0aef1ab1fd2f012a85ec387c0887a7d943ef6f262
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
kH0gCA1zPklX1p7HdhXRjAzllo0ZuTmA
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
97NP9WTTSPYPJT0K
age
297548
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
gkZ32VVOUNsWMdhEZkImOsBMa8B01QnwFur9jTFX+FsFBMH51j8vsjHJC4fO5io1o00/6YDhdqOSuHk5Lsy3PA==
last-modified
Thu, 09 Mar 2023 20:25:10 GMT
server
cloudflare
etag
W/"66328de0066e00e767538efbd2cf0121"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb863614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
1802.1dde9f90.chunk.js
cdn-client.medium.com/lite/static/js/
42 KB
12 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1802.1dde9f90.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457c73fda826dc12d4ee8d563ddfbdb3971411032e4d661bd19a4420e6a8bcfb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
dCPQw651JTmuRipVQXOrDUxmKAMooi7k
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
DT982KTH4KVJTDM9
age
414918
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
jN+RdL7OuGH80be3g+u4Am9ZS1woDWPBTlUO1UxYQWXTLpVQyx8Zf3D7xWMJl2cIQpoYQVkprME=
last-modified
Tue, 07 Mar 2023 19:10:11 GMT
server
cloudflare
etag
W/"bfdb5e419c234024c996b86650621423"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb8c3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
4078.182beff5.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4078.182beff5.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a9538496fc598aef8185ce64a1416f66dbb480363eacd5466477f888985c161
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
xjtc1w3dA5YeyATt8lkc6IY7tO0v2BCH
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
97NSSTE6BHWPZPWE
age
297548
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
TKMzwc4qqgLaceiuzfHxqsIMLxkgGp4pzOero8twZKE2GR4jbg+iTIkXOaqcSUVPogPR7hY8FNtQJr47gyVkZA==
last-modified
Thu, 09 Mar 2023 20:25:05 GMT
server
cloudflare
etag
W/"46c9eaa275cbf3108a4c9c63c30a6a5a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb8a3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
6636.bb9c6757.chunk.js
cdn-client.medium.com/lite/static/js/
8 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6636.bb9c6757.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e908bc0bd99283dd6f61e60a919c277a92763001d3c2d22f2253e4f902b09688
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
BG922tR8apP5JQ1sE5WJmtc2MWHIRJmH
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1J40XQAF95XDM4BM
age
245079
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
a6KY4Z/VNR212pPHkNDrp7ZGcqet+WYMRnHonNdr72d40mKrKv4Tzx4b6+OblVDoPmlOC8KOt5c=
last-modified
Tue, 21 Mar 2023 13:42:43 GMT
server
cloudflare
etag
W/"60b89ef9e30867adf267926be2e7dc11"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb903614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
5572.8add0420.chunk.js
cdn-client.medium.com/lite/static/js/
18 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5572.8add0420.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79055c5ced00aaa34cd82639689ff5e0a82479a77deaf5647bd5239839c6d7f4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
AlXOku2avR3l3zJZpqZ.L1SaWJb6wgew
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1J451Z28FV6T6104
age
245079
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
9vmDELp86Te4oTcoot2qwbzxbMG2DrY+9KMNcqCMGP1HMlzRHyMJGd0BHXi12Avx4nT+GMdt3iA=
last-modified
Tue, 21 Mar 2023 13:42:41 GMT
server
cloudflare
etag
W/"5132974cc54d61854d4c1070bec3912c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb8e3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
1743.42985c62.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1743.42985c62.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7a186a71840944885d3c455f4e3c5b73fcc575b75fcd91f4e111ea512e75b8f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
lln_mSqQczRjOIEMXIxBEgGqsFD3hyhB
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
4MRBKHCZY7DRMFQB
age
603036
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
KqcGk24OpH7ZWFOxUYIgH34J0m9KAUpMr75iwZBkQ+OBkUzh/p+97sMnOtwWasDQIYIQ+BpiYOI=
last-modified
Mon, 20 Mar 2023 10:25:00 GMT
server
cloudflare
etag
W/"3e107f7798febeec4247918bdd418957"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb923614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
2455.10b7a1c8.chunk.js
cdn-client.medium.com/lite/static/js/
45 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2455.10b7a1c8.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de16b6ad8b62c74f785db80c6cda1da7b480899643c69e482b9c9ca62120aeaa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
3cUTJnmlxB.381ZBLxCamPR_vnOXf37a
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1J408XXDJ7NDHSJE
age
245079
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
uSfmoxAOEq8/r57gSxXvB7Bm32lm+IkI+SxB2y91Oy/fHxn+l+KWTnJlXLvQu8QiH23hNcmB9e0=
last-modified
Tue, 21 Mar 2023 13:42:36 GMT
server
cloudflare
etag
W/"3db71944554b811509d0cb8fcb3c8d24"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb913614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
3115.0915c66c.chunk.js
cdn-client.medium.com/lite/static/js/
29 KB
10 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3115.0915c66c.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e0fd5124a43543afad915b027f29bb84fddb17255673cbaaa1f9da33f049ae8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
w.CfszpRJSjS0Ix1hAt96cjADTSR0jU9
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1J4DAK20GVYE1YVD
age
244702
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
0qazRS8bXEcdgR7APnw8xfpNmPsD+mzeS2GAqyFtiS9DknkNz43VcDlW0y5vsVla/qbB2N06H38=
last-modified
Fri, 24 Mar 2023 14:06:36 GMT
server
cloudflare
etag
W/"35af4edfa5f1d8defdf955cd0a0ee964"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb973614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
2287.a89f9d21.chunk.js
cdn-client.medium.com/lite/static/js/
15 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2287.a89f9d21.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ec15dd15d0b36925c06e9cd208be62b2bd75010d9681c067867fc429b29d9f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
rqICbRIWEFamsXMFg_kW4QvWWY96KbA7
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG33HSDPZ5HZSASJ
age
576266
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
yhtm1SybL3c0lowTHiSFTNcc2ZWjKza/zm/yMdsfCwxjRiGYMBXAiPFXl/vTmzKEKIBMe3KpULo=
last-modified
Fri, 03 Mar 2023 20:15:53 GMT
server
cloudflare
etag
W/"a73a2c40d4fc740817809c493ef138ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb943614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
2920.12aec699.chunk.js
cdn-client.medium.com/lite/static/js/
16 KB
6 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2920.12aec699.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b75797cf449be117986913ab61b0fe44ab2aba98cd6fed86a319fab3fd3cd1e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
DR8gakT9JplT5Vb0YlPa6H3hGjJ2y79M
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG3648BYC86V9SVY
age
576266
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
YHyC5ixQXytTnvzUewQz1HUhS4bvk3/Gxlz5XeN4o4PkMSvHXLan2bGRD0Km0TnV37V+7aUlufA=
last-modified
Fri, 03 Mar 2023 20:15:54 GMT
server
cloudflare
etag
W/"ec3127d2065aa849be5c5019c87d822f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb9c3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
2223.8e707c7a.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2223.8e707c7a.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
019b9549d1add8514876e9aaabb20c29e90fcbca7c08eb7962168c4a1ad163c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
5.nIgPWC7IjBL9iWFsyUn3Nw0jWGAq.2
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
QG3E24RYR5ZWM0XH
age
576266
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
OT/MPZ0nn8nMqoI4VFxI93CneHM3Fr3kyLAgUAzpkDicfGigqFkbU9kVfh8n2NFskC8Y5bk72GY=
last-modified
Fri, 03 Mar 2023 20:15:53 GMT
server
cloudflare
etag
W/"ec0d159a986229a6c6b9282fe8bcb8c4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb993614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
319.a1f55686.chunk.js
cdn-client.medium.com/lite/static/js/
25 KB
9 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/319.a1f55686.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c452648a5259b5db228427477a67b2605e4dea75b45024436e7899c9097f1fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
T0Gog.yQricZ5V89ps21G7uure.cZdh.
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
S41M6R94C8AH46T5
age
231580
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
1JjeLiXDs9oAPJ8J8xpY6o2hqCDmbSgJq7F79ZaWJXq6GazzuF3otbxONRzrO3O/93xcRzWJr2Y=
last-modified
Thu, 23 Mar 2023 20:42:30 GMT
server
cloudflare
etag
W/"0ad58c26e41784f95621fee0748d66b0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bba13614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
1911.071e9f80.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1911.071e9f80.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7922cea637f271d76bc107e7955bbf5b89a4e757e19459c6575a4f11dc06e643
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
44OFoAuroKS2eF.mqAvp_r6HxtXCleNU
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
S41T8F37JH5VKXBV
age
231580
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
VZPGN8mjsPhjSODktzSYbhsUQUwYJEGE4ZwEkEfpoe+ayawgrz1YvkdGQQHQEFfFtMcR0w54YPs=
last-modified
Thu, 23 Mar 2023 20:42:28 GMT
server
cloudflare
etag
W/"c015f7c82cb6a9d953126c2dc34d59c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb9f3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
8051.1e236389.chunk.js
cdn-client.medium.com/lite/static/js/
60 KB
14 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8051.1e236389.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1925453f0c7fcc73914d9ff411bbdc787a17639020213ab8e726c0238d6a0ec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
d4nqnmLPFXcZLNScSaAzpg8rAxHhDrd4
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
S41VHBWXSPAEX8QD
age
231579
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
EFk8XYScZbFpRQCYnYaTbOBzmrUJcNHjd8idLTg1OfHB0Ql2ytuwSfa71DNsUWmjoyN6BoNRKhw=
last-modified
Thu, 23 Mar 2023 20:42:36 GMT
server
cloudflare
etag
W/"f4cec147bed5e89f7ca05101e4c76fef"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1ab323614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
1069.ec72bd6d.chunk.js
cdn-client.medium.com/lite/static/js/
24 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1069.ec72bd6d.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3931bd7f23bc38d81098698e191881070610cf3fdd333eab9d4a12afa969a31a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
DE4l6f4vRwaqfYGITGMVxBBtgHrJV8Nf
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1J49N18SR0RT1M1S
age
244702
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
YjONI46BsANo1PIWMrKHOIv0oZRMHZo5/pA7Dex2e2tv0cNChJ7casiD0KYYCM+Q7+phKBTJlFI=
last-modified
Tue, 21 Mar 2023 13:42:34 GMT
server
cloudflare
etag
W/"6f2c3fb4c687e2005b2f9eec541fb29e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bba33614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
3720.a32d41c5.chunk.js
cdn-client.medium.com/lite/static/js/
23 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3720.a32d41c5.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90d9b25e381a5dc97ed9e96eddb5928686281984682f25e32d6d4934890b15c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
PmhnnOZcb1lTj5y2F4my9bxQ8M1F_8_i
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
S41H8B4DYKG1B9KF
age
231579
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Dm+gXpq6+vcJub/mzjwvbpQ9Xu3rb2XBul/MyH7sfB7QJrZQx1iUwqY5G0Vn+KCg6O6a7k55u9w=
last-modified
Thu, 23 Mar 2023 20:42:31 GMT
server
cloudflare
etag
W/"3bfe61db156d3e880ec5117fea66a955"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1ab393614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
6255.1018cd9a.chunk.js
cdn-client.medium.com/lite/static/js/
25 KB
9 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6255.1018cd9a.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cc2881089acdd5534ce3ce3c3524b1c8fb0f51238e79a7d7c09ed2e300423f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
plkLsBAET9pmqjhRAShz7AIhsxndB82k
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
S41S4GNQVJQXNGG4
age
231579
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
BbCk7zGGzXAASpyGM3ImkxpD2QBCCt9qSL8L1pzKGhaVSYSFcmaN7NJV9eLVHU648/IM3HdzkFE=
last-modified
Fri, 24 Mar 2023 16:43:16 GMT
server
cloudflare
etag
W/"13adea5d8a308bbf31274106ac805231"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1ab353614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
3657.c62673a4.chunk.js
cdn-client.medium.com/lite/static/js/
22 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/3657.c62673a4.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c90145729c8ac298928c43206ddc0cbf770a05280b94e58b9fe033132927c81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
cX9LI8GtvAj0yPF1fvhj_BTlub6qw2qo
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
S41P32BRVJ2R4BCM
age
231579
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
kXF2/SE2JU8utGne8yjccg/Q5WIkiJJQOfs8sR/6qZQ1BIS0NgqyzpSfBNblVDoDk+iLUFKq3kQ=
last-modified
Fri, 24 Mar 2023 16:43:12 GMT
server
cloudflare
etag
W/"6acb5d7ac0ec41dae70e94776c9f4315"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1ab403614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
6974.b94d2340.chunk.js
cdn-client.medium.com/lite/static/js/
26 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/6974.b94d2340.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
575be440fd61e4d3666cd1d027a88bca046ce1b2a4be3c49a4c192c6ebb02774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
eYutijHrL8LVAjkCWfUVcJhzYxgRQ9uS
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
7337X6HRHZSFAGTH
age
832890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
cEN6Pwm//H+ZpZGXUFF0cyV8ENDO32heNPr80CpTI4rHZNLpBRJ6Z3QdEuQB8A6qzQnlR8oytlU=
last-modified
Wed, 15 Feb 2023 17:31:49 GMT
server
cloudflare
etag
W/"d39e78b5af1cb87cfd5dc2e50150e460"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1ab3e3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
925.2f232a58.chunk.js
cdn-client.medium.com/lite/static/js/
109 KB
28 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/925.2f232a58.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aabd7237fd06f6a0911f5161f31467fbdff9bdc6270c8400fb02b0e589926290
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
lL8ZZliNBwd.iRyWAZsXOxzYS4lUMBMZ
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
S41KV83V1G66CN5V
age
231579
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
cePZvaXZJzKbLK6OIUFgZVCwULHb66vMRp4iDGxFaPxCAgPCPYvEeWDWgeQdjPJ+GTzDZvuvHmM=
last-modified
Fri, 24 Mar 2023 16:43:19 GMT
server
cloudflare
etag
W/"d49be2387cc04b5241ea6202fef1e358"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1ab473614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
PostPage.MainContent.78621cce.chunk.js
cdn-client.medium.com/lite/static/js/
26 KB
9 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.78621cce.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
262e375e9795bcba1e73546c02ce7ef5eb30067bce5a8a7c70e0a9e5ce5d6883
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
_wAMR4OnKxpJZ_QSFcyZqNhIiCWfLL6h
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
9FZ6A7A8X5NHBXH6
age
310694
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
zvAgnajNfUZq/KBK18/gvYGd5/t7wEn/il1yBvOL1soYUXO2em7u99oDDpIANrFaEDRWxkg2FVVQ9y7ERdRWKQ==
last-modified
Thu, 09 Mar 2023 20:00:25 GMT
server
cloudflare
etag
W/"3de5a7ee009c58638fb1dc566052e5f3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1ab433614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
2629.e288575a.chunk.js
cdn-client.medium.com/lite/static/js/
8 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2629.e288575a.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec60da686bdb6ecb9649da974c150a9ac39b834b4340f02a25e5ea787ebdeff3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
iHslecwMYIqBF1RLUZxzvDE.u3uJbg9M
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
N3X7JRN88MQ3FGTG
age
336565
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
tUR50VqK+TlFsqjx+0CvFtDouEjw9uHav+XSBZadf/qV2WeYfvCTrpGZdH+lX+IHvA8F/Gt1Byc=
last-modified
Fri, 03 Mar 2023 20:15:54 GMT
server
cloudflare
etag
W/"ab0967f7dcf89ce4b65bf91c607ac765"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb7e3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
5627.182c65f9.chunk.js
cdn-client.medium.com/lite/static/js/
16 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5627.182c65f9.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb77d553412e3911b30897a9a25388cc091cfa9fd87930852bc47dc5cd82757d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
nWZ.CdKsXxRA11Fe4lCb0PMRU_onr92w
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
N3XAA2SK967QFT63
age
336564
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
KCjdZjtW6u4nNskXiSDAmv/N9b99UnCViri/qX8wNn7zhU5A3+gy2r/W/93DKS+10yctE7Ucsmc=
last-modified
Wed, 22 Mar 2023 20:51:45 GMT
server
cloudflare
etag
W/"3a5f2095cbb8d506fd1bd2ffecc2fe94"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb7b3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
8880.2f261ff4.chunk.js
cdn-client.medium.com/lite/static/js/
24 KB
7 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/8880.2f261ff4.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb05d842097704d80ae4cbabc01da78700a238784dced37722a07c30236840a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
arGb0sZdVytpnkE_giDg9XkXSEtUXy88
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
Q13BCBXG0KJG41WD
age
326463
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
n/0rs3ohBpnBxSd+BmMtYBbYNixWyqKX0BNozEXNzlUEEOLzaQ9svKsdkmjCe39R92eRa8DKNpQ=
last-modified
Thu, 23 Mar 2023 15:47:00 GMT
server
cloudflare
etag
W/"5eb9d54977ad919fb0f4c1fb0e7c23ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1ab4a3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
PostPage.RightColumnContent.17084ba2.chunk.js
cdn-client.medium.com/lite/static/js/
21 KB
5 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.17084ba2.chunk.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f65625d4e5e602275192a263aa5829346dda4c0e91e269ba2804d9b78e9a961
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
x-amz-version-id
yIU9RIpoflgdUd.Tag4TTvAK3NFF750z
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1J491XV6V2NTES6Y
age
244702
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
67HNdumiHBhXSTBDRv/UOiWa8P7IEmIs0pnQTyqQVwhVv7ko/1Sm093RRGO2UhVJYGj15940VxI=
last-modified
Tue, 21 Mar 2023 13:43:07 GMT
server
cloudflare
etag
W/"565baf357b51c3cd36949b09713d9e1d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d1bb783614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
vb26e4fa9e5134444860be286fd8771851679335129114
static.cloudflareinsights.com/beacon.min.js/
16 KB
6 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Origin
https://labs.guard.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 17:58:49 GMT
server
cloudflare
etag
W/2023.3.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7ae706d258119211-FRA
sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://labs.guard.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
4683246
x-envoy-upstream-service-time
39
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7ae706d248a93685-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 26 Mar 2024 10:42:26 GMT
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
19 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://labs.guard.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
4683246
x-envoy-upstream-service-time
51
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7ae706d248af3685-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 26 Mar 2024 10:42:26 GMT
source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
12 KB
12 KB
Font
General
Full URL
https://glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://labs.guard.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
4683246
x-envoy-upstream-service-time
30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7ae706d248b33685-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 26 Mar 2024 10:42:26 GMT
source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
12 KB
13 KB
Font
General
Full URL
https://glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://labs.guard.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
4683243
x-envoy-upstream-service-time
34
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7ae706d248b73685-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 26 Mar 2024 10:42:26 GMT
source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
12 KB
13 KB
Font
General
Full URL
https://glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-italic.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://labs.guard.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
4683246
x-envoy-upstream-service-time
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7ae706d248b83685-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 26 Mar 2024 10:42:26 GMT
source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
7 KB
7 KB
Font
General
Full URL
https://glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-code-pro-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://labs.guard.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
4683243
x-envoy-upstream-service-time
583
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7ae706d248b93685-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 26 Mar 2024 10:42:26 GMT
sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/
18 KB
19 KB
Font
General
Full URL
https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://labs.guard.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
4683246
x-envoy-upstream-service-time
48
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7ae706d248ba3685-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 26 Mar 2024 10:42:26 GMT
1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:64:64/1*dmbNkD5D-u45r44go_cf0g.png
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
245120
x-envoy-upstream-service-time
43
content-disposition
inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1310
x-request-id
b019cc1c-dc12-4f57-a350-e915bc339ed4
sepia-upstream
medium
server
cloudflare
etag
"qUlGJkYhB4LINmyi_TVOvM25Dy409gGbmK5EqrHhPd0/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7ae706d31d7a3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
1*s7SJaF9dODo7rWqa2rFQ6Q.png
miro.medium.com/v2/resize:fill:96:96/
5 KB
5 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:96:96/1*s7SJaF9dODo7rWqa2rFQ6Q.png
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4915cb0960fda9afe3b4d35b4e569e4944be7be81c2f7f30d16f88f4cbbf5eb6
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
222363
x-envoy-upstream-service-time
122
content-disposition
inline; filename="1*s7SJaF9dODo7rWqa2rFQ6Q.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5020
x-request-id
f960d3b7-7919-4012-b00b-cd837c5ee2b4
sepia-upstream
medium
server
cloudflare
etag
"2ClxYkeZkhLd4kUTfpOdRzBNwICgGzimHBVrQIKoB9U/RImIzYjQ4OTY4NWY1ZDM4M2EzYmFkNmE5YWRhYjE1MGU5Ig"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230320-172405-c0b98726a8
accept-ranges
bytes
cf-ray
7ae706d31d7b3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
1*dk6Oz-DYOQPUhODIZTIVAA.png
miro.medium.com/v2/resize:fit:720/format:webp/
26 KB
26 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:720/format:webp/1*dk6Oz-DYOQPUhODIZTIVAA.png
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160057a9ff13f4259bd4df4bb3dd3e2bc435e49b93f8a451ec818bc7e3c5c87b
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time
779
content-disposition
inline; filename="1*dk6Oz-DYOQPUhODIZTIVAA.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26134
x-request-id
74028ce4-1c62-452e-a188-0b5ed4080040
sepia-upstream
medium
server
cloudflare
etag
"YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjc2NGU4ZWNmZTBkODM5MDNkNDg0ZTBjODY1MzIxNTAwIg"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230324-113241-2364650ba0
accept-ranges
bytes
cf-ray
7ae706d32d7e3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
1*N_117h-kpxFLRgfzxPP6MA.png
miro.medium.com/v2/resize:fit:720/format:webp/
42 KB
43 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:720/format:webp/1*N_117h-kpxFLRgfzxPP6MA.png
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da15a28f3982706969212484d7424b3323813a5b44176f7da9d3bdc1a542fea4
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time
560
content-disposition
inline; filename="1*N_117h-kpxFLRgfzxPP6MA.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43260
x-request-id
58b03758-daaf-4cea-a5f5-78971b090039
sepia-upstream
medium
server
cloudflare
etag
"YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjM3ZmQ3NWVlMWZhNGE3MTE0YjQ2MDdmM2M0ZjNmYTMwIg"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230320-172405-c0b98726a8
accept-ranges
bytes
cf-ray
7ae706d31d7c3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
1*DnAEr4bTx8Ywi5jnPO9RIw.png
miro.medium.com/v2/resize:fit:720/format:webp/
43 KB
44 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fit:720/format:webp/1*DnAEr4bTx8Ywi5jnPO9RIw.png
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ed67da0bdabd16ddaca960a2ea253496cf4dd3526d30867a189704b11c6a467
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-envoy-upstream-service-time
677
content-disposition
inline; filename="1*DnAEr4bTx8Ywi5jnPO9RIw.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44400
x-request-id
7dae0db6-7b32-4f8d-bc81-ba5806841a8b
sepia-upstream
medium
server
cloudflare
etag
"YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjBlNzAwNGFmODZkM2M3YzYzMDhiOThlNzNjZWY1MTIzIg"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230320-172405-c0b98726a8
accept-ranges
bytes
cf-ray
7ae706d32d813614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
1*s7SJaF9dODo7rWqa2rFQ6Q.png
miro.medium.com/v2/resize:fill:176:176/
13 KB
14 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:176:176/1*s7SJaF9dODo7rWqa2rFQ6Q.png
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80a252cee9dbd81949fcda2a31ee089bba091c13482d2a2044670c42920b619
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:26 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
90803
x-envoy-upstream-service-time
145
content-disposition
inline; filename="1*s7SJaF9dODo7rWqa2rFQ6Q.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13744
x-request-id
a36e3ca9-fae9-4869-866d-834ec4f0a3a3
sepia-upstream
medium
server
cloudflare
etag
"cYOHBppU5_IQqNc_J_FqxtylWztmHm-fdmnA7PgkwUg/RImIzYjQ4OTY4NWY1ZDM4M2EzYmFkNmE5YWRhYjE1MGU5Ig"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230323-095621-5e670b79f5
accept-ranges
bytes
cf-ray
7ae706d32d7f3614-FRA
expires
Tue, 26 Mar 2024 10:42:26 GMT
pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/
0
0
Preflight
General
Full URL
https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:4924:1683:6b84:60b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://labs.guard.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
access-control-allow-headers
x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
content-length
0
date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
2230.571ed6c4.chunk.js
cdn-client.medium.com/lite/static/js/
20 KB
8 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/2230.571ed6c4.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293cb36ca1c002f569bcbce51360a20745ce87b2e515be849d83d5269d7d2174
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
x-amz-version-id
jyYM.ZgM9PE2gJOEnsek2uD4i4PcWdTK
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
5B1CYTHMK2616DY7
age
1054442
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Otu4Bzadtbnet2y7EcEb8o/GGiEGQboxNDtYyXCV5GM+59Q94+pwvBgKKEOrg9xRHn4Y4uwRjlE=
last-modified
Mon, 24 Oct 2022 03:04:44 GMT
server
cloudflare
etag
W/"80138a2fe8e56b8f784a37863eea34c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d8bdc03614-FRA
expires
Tue, 26 Mar 2024 10:42:27 GMT
pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/
2 B
229 B
Fetch
General
Full URL
https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:4924:1683:6b84:60b3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
PostGiveTipOnExternalPlatform.9d2f1bb0.chunk.js
cdn-client.medium.com/lite/static/js/
9 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostGiveTipOnExternalPlatform.9d2f1bb0.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a0cb6328126994438b5a127dc9d3bb890323c339df243cc9f19bc3bde40bfa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
x-amz-version-id
gfVC0i9ar1hRC7yHzx0kIpM2hym2t6ri
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
2A6P84E28JSP8YA7
age
606803
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
vA9lirNj43z6QkmTpGbyFmB32LEvivucepjrDE0ZWsI6trIBiNDiFEsb6NNY/jhQK3K7powF82o=
last-modified
Fri, 03 Mar 2023 20:16:19 GMT
server
cloudflare
etag
W/"0c24ccc2ef91aca3121eafe35386f13a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706d98c8a03a0-FRA
expires
Tue, 26 Mar 2024 10:42:27 GMT
graphql
labs.guard.io/_/
143 B
566 B
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ed14158453c2969240624e26500bf14c33f6f97e6cd4470f311382000a0e15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
VisitorQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"8f-4KVi8W84Z2laItUJ6EoJPNdOwsU"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d
cf-ray
7ae706dafbe0046a-FRA
x-request-received-at
1679913747762
graphql
labs.guard.io/_/
974 B
836 B
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7101db1dbc4ff14b45fb47e8dec43ef8b71aa1606c4be04aa83e787f3e9e8e21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
ClapCountQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
62
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"3ce-DD1vfsWXoXYdanTx3himQ9Phv38"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray
7ae706dafbe4046a-FRA
x-request-received-at
1679913747764
graphql
labs.guard.io/_/
478 B
749 B
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
798ac101e9328c4c2c94e3901198733670dfa1a1d09440e94e74b85fb3fb94c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
FloatingPostActionsQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
53
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"1de-pMeTeXRD1UJxKYXiJxqoxUtcIH8"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray
7ae706dafbe5046a-FRA
x-request-received-at
1679913747767
graphql
labs.guard.io/_/
210 B
580 B
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea070061aafd1001bdaaf68f7a8a012c3a5d1e5982c971da14f65943c1d68537
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
NewsletterV3ViewerEdge
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"d2-PyLHdAEKOMRf8/Sna+J/Kja6o/k"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray
7ae706dafbe7046a-FRA
x-request-received-at
1679913747767
graphql
labs.guard.io/_/
108 B
544 B
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
usePostPageMeterQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
64
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"6c-I3CG28DxUiEEF9QH3iLEotaTHR8"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray
7ae706dafbeb046a-FRA
x-request-received-at
1679913747762
graphql
labs.guard.io/_/
6 KB
3 KB
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6218d5fa65862fd0e406e131b1460546b2e0cb7fcd8b979095743290f25cf28f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
RecircSidebarQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
167
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"1845-jtIL8ziqr91/kFVSRW3fd5/hoxo"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray
7ae706db1c0b046a-FRA
x-request-received-at
1679913747782
graphql
labs.guard.io/_/
27 B
419 B
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
ViewerQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27
x-xss-protection
0
server
cloudflare
etag
W/"1b-zcE2qsOE110W+7rHoTa9C+cwT68"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d
cf-ray
7ae706db1c1f046a-FRA
x-request-received-at
1679913747791
graphql
labs.guard.io/_/
96 B
533 B
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e543b82c6cc0cfab55e6bb56334d01ec7b92f0013095c489408297e6d72c515
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
InteractivePostBodyQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
60
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"60-2wSuHVA8T5+3pVs7EdFV8t0CkCk"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray
7ae706db1c23046a-FRA
x-request-received-at
1679913747795
graphql
labs.guard.io/_/
103 B
511 B
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe013aaffd40c811e5c329e429d314d95f9a2b4a40efd75e3c2ca8b27448f86d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
MaybeTextToSpeechQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
28
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"67-jvhr4o5elefz0k1Jr7eD1bAd9sM"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d
cf-ray
7ae706db1c24046a-FRA
x-request-received-at
1679913747785
9410.207f1d22.chunk.js
cdn-client.medium.com/lite/static/js/
6 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/9410.207f1d22.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb1ed19249c07f3ad9aa269ca1a0a5a41096960f35bddb839fbdad08767e3017
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
x-amz-version-id
b8aj3gwm6vL2ggzrCpcbINd9fTj43ZJu
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
GY2FGSRF1VA9017M
age
884766
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
xr1KXaeT3EFtZxqnwafTL5aRp0ioTXXF99Bry62UPS3Sr6GDikSBYs6K6HmagKspVdmSeQEV+8o=
last-modified
Fri, 14 Oct 2022 16:15:50 GMT
server
cloudflare
etag
W/"3597e61f2093f3a02a7f54ef5ab8a2fb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706db8f9b03a0-FRA
expires
Tue, 26 Mar 2024 10:42:27 GMT
7749.84f2f188.chunk.js
cdn-client.medium.com/lite/static/js/
7 KB
3 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/7749.84f2f188.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d5c1203e3eb0b39d54d649e3cb5a765a5d7f583f51d913a0e0f7aaa6cf2bc58
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
x-amz-version-id
QEFZaWV4sZ7n4PeoZ91lI0iaXoadAvX.
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
XQZWARR1Z5NW300Y
age
884251
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
7YleklXL1PgKhzO7GQYqzTD/iCp6MCwmi9uStF1IKWb2G9wpFCMqoppACVj2RweoAfg09hsXMps=
last-modified
Fri, 14 Oct 2022 16:15:47 GMT
server
cloudflare
etag
W/"6f6eb7ed01fd5a45ed59b9c9cf9c5967"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706db8fa003a0-FRA
expires
Tue, 26 Mar 2024 10:42:27 GMT
5631.3ff4ebf1.chunk.js
cdn-client.medium.com/lite/static/js/
10 KB
4 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/5631.3ff4ebf1.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3509c454b102f44e784622f3c20676a48a66b42cd9c674c59bf9f1c8a735f9a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
x-amz-version-id
E0fdYBRUgj.w7TCBlHFbZcTkAAcRpROj
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
2HVH4A7FQ32XF19R
age
275523
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
hLVU1aLjMwICT9ym6hW5Eg0k48RbikpIKFJeF0cP5aftajmU9HVMgW4okEeRkuX40LSvI2nKNew=
last-modified
Fri, 14 Oct 2022 16:15:43 GMT
server
cloudflare
etag
W/"29dc281a8e3a362396ae180b39093fe4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706db8fa303a0-FRA
expires
Tue, 26 Mar 2024 10:42:27 GMT
1878.73a360f3.chunk.js
cdn-client.medium.com/lite/static/js/
3 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/1878.73a360f3.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
265526ce77f97d404aa19bc51556dceafed4c642c3eac315a0633db316b07257
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
x-amz-version-id
SMExzDti7TSp_JFGZ8IKCQ32MHq2SPGi
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
GY2APQ0XWPXXTDN4
age
910879
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
I423zOUVPNsB5P59pZP4sgLuUxfwTE2BqFbb2QOihFvWX4Giwx2pqluRo25qDrC13OvaSp100Uc=
last-modified
Fri, 14 Oct 2022 16:15:35 GMT
server
cloudflare
etag
W/"4d19a85e9f379efaa0cc693a608cf96a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706db8fa603a0-FRA
expires
Tue, 26 Mar 2024 10:42:27 GMT
graphql
labs.guard.io/_/
81 B
496 B
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14630d61ff002f2fc564d00a080ba2cef7e0811be983a192549c43335b1d706e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
PostGiveTipOnExternalPlatformQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
26
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"51-hbfNDSGVO0/XLJV9LgsKsOBLP4E"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d
cf-ray
7ae706db9cbe046a-FRA
x-request-received-at
1679913747857
rum
labs.guard.io/cdn-cgi/
0
139 B
XHR
General
Full URL
https://labs.guard.io/cdn-cgi/rum?
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/json

Response headers

date
Mon, 27 Mar 2023 10:42:27 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://labs.guard.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7ae706dc3db9046a-FRA
/
labs.guard.io/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://labs.guard.io/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
Medium-Clientele-Client
lite
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
worker-missing-cookies
0
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, clientele/main-20230323-095621-5e670b79f5
x-envoy-upstream-service-time
14
cf-ray
7ae706dd7f81046a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
labs.guard.io/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://labs.guard.io/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
Medium-Clientele-Client
lite
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
worker-missing-cookies
0
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, clientele/main-20230323-095621-5e670b79f5
x-envoy-upstream-service-time
16
cf-ray
7ae706dd7f84046a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
labs.guard.io/_/clientele/reports/performance/
0
0
Fetch
General
Full URL
https://labs.guard.io/_/clientele/reports/performance/
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
Medium-Clientele-Client
lite
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
worker-missing-cookies
0
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, clientele/main-20230323-095621-5e670b79f5
x-envoy-upstream-service-time
12
cf-ray
7ae706dd7f85046a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Mar 2023 10:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2237
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 27 Mar 2023 12:05:11 GMT
branch-latest.min.js
cdn.branch.io/
72 KB
22 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=b4ed44b054cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-56.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b435ccf90393f5a5829b1a4baa617535ddd7a79ce6afc18bec910a9850a465e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
BOMt_IsAkSHOHMzi5YYRwnohx2f0fLrn
content-encoding
gzip
via
1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
date
Mon, 27 Mar 2023 10:40:32 GMT
last-modified
Fri, 17 Mar 2023 19:04:29 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
116
etag
"f2903cb492844599e93b4db0a3f540c1"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
content-length
22224
x-amz-cf-id
C8MOsMpnXz2QbIWTLUsiyV6BihrCk6z34qDgPKuZYctpUXFY8CZmgA==
sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/
28 KB
28 KB
Font
General
Full URL
https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff
Requested by
Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glyph.medium.com/css/unbound.css
Origin
https://labs.guard.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
4683246
x-envoy-upstream-service-time
47
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7ae706dfcc9a3685-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Tue, 26 Mar 2024 10:42:28 GMT
1*XL5QclUh4RwVmsq8szytzg.png
miro.medium.com/v2/resize:fill:20:20/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:20:20/1*XL5QclUh4RwVmsq8szytzg.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8724e03987435c26bcb349f0dae558b524c11210bc93fc6504723524f14d582
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
242263
x-envoy-upstream-service-time
65
content-disposition
inline; filename="1*XL5QclUh4RwVmsq8szytzg.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1442
x-request-id
ed961be6-bfda-4291-99dc-218f15e35436
sepia-upstream
medium
server
cloudflare
etag
"otqmLAd0vwSg8JnocfiFOlzcufMbpEtiQZGBgUclANM/RIjVjYmU1MDcyNTUyMWUxMWMxNTlhY2FiY2IzM2NhZGNlIg"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230303-101917-2bba7b0c9d
accept-ranges
bytes
cf-ray
7ae706dfcdf803a0-FRA
expires
Tue, 26 Mar 2024 10:42:28 GMT
1*IPZF1hcDWwpPqOz2vL7NxQ.png
miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/
8 KB
8 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/1*IPZF1hcDWwpPqOz2vL7NxQ.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae9114902b2ab33b092fbb3f9082924a72fe93924969932340e9fd54d16089b
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
242263
x-envoy-upstream-service-time
147
content-disposition
inline; filename="1*IPZF1hcDWwpPqOz2vL7NxQ.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7942
x-request-id
428d4645-9689-44a3-af57-265cbc024176
sepia-upstream
medium
server
cloudflare
etag
"CEJCrFHfG4y6nbf_epJhcTgOn_SkbQA5Li5dB0M7VUE/RIjIwZjY0NWQ2MTcwMzViMGE0ZmE4ZWNmNmJjYmVjZGM1Ig"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230303-101917-2bba7b0c9d
accept-ranges
bytes
cf-ray
7ae706dfcdfa03a0-FRA
expires
Tue, 26 Mar 2024 10:42:28 GMT
1*7Gx_ANpQwUSZ2UfjVyH_lA.png
miro.medium.com/v2/resize:fill:20:20/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:20:20/1*7Gx_ANpQwUSZ2UfjVyH_lA.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2410eea0a29d1bdf77ec70bf2f53b0b77adfac2de33ca829943f758b12fdfb99
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
239289
x-envoy-upstream-service-time
134
content-disposition
inline; filename="1*7Gx_ANpQwUSZ2UfjVyH_lA.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1314
x-request-id
c5c6ad86-72fd-4767-94cc-19781164cd75
sepia-upstream
medium
server
cloudflare
etag
"otqmLAd0vwSg8JnocfiFOlzcufMbpEtiQZGBgUclANM/RImVjNmM3ZjAwZGE1MGMxNDQ5OWQ5NDdlMzU3MjFmZjk0Ig"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7ae706dfcdfc03a0-FRA
expires
Tue, 26 Mar 2024 10:42:28 GMT
0*Cu5IUVl2_TptGg46
miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/0*Cu5IUVl2_TptGg46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e8addc36fcc7ebabf0199ec910423b7044b25895211d993fb550956c76e9cc
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
26929
x-envoy-upstream-service-time
284
content-disposition
inline; filename="0*Cu5IUVl2_TptGg46.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1854
x-request-id
1dab6c49-dd2b-4fca-b32f-f8d2fc0dab7c
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"CEJCrFHfG4y6nbf_epJhcTgOn_SkbQA5Li5dB0M7VUE/RIjAwNmJkNzM2NjE5NzFiYTllMDljZDZkMTlhMmFlOTg1LTMi"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230308-234401-14525b721d
accept-ranges
bytes
cf-ray
7ae706dfcdfd03a0-FRA
expires
Tue, 26 Mar 2024 10:42:28 GMT
1*Wox5_BLPmTjbUu6ezWCkeQ.jpeg
miro.medium.com/v2/resize:fill:20:20/
631 B
1 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:20:20/1*Wox5_BLPmTjbUu6ezWCkeQ.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81f57e6fb25434f5eda588bdddaae55d343b285a28e4df5fdc5eed5646cdc5aa
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
228821
x-envoy-upstream-service-time
140
content-disposition
inline; filename="1*Wox5_BLPmTjbUu6ezWCkeQ.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
631
x-request-id
638527fa-136b-4450-b83f-57e995e5e0a6
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"otqmLAd0vwSg8JnocfiFOlzcufMbpEtiQZGBgUclANM/RIjVhOGM3OWZjMTJjZjk5MzhkYjUyZWU5ZWNkNjBhNDc5Ig"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230303-101917-2bba7b0c9d
accept-ranges
bytes
cf-ray
7ae706dfcdfe03a0-FRA
expires
Tue, 26 Mar 2024 10:42:28 GMT
1*JS87GNJBlEXFq0ouMKzcIg.png
miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/
2 KB
3 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/1*JS87GNJBlEXFq0ouMKzcIg.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f6863941a69dacb051d913b6a6483a06d5fde434a689d9a0402d7d2abecc65
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
1507
x-envoy-upstream-service-time
56
content-disposition
inline; filename="1*JS87GNJBlEXFq0ouMKzcIg.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2129
x-request-id
924871fe-4f1f-4933-92c4-404575db5955
sepia-upstream
medium
server
cloudflare
etag
"CEJCrFHfG4y6nbf_epJhcTgOn_SkbQA5Li5dB0M7VUE/RIjI1MmYzYjE4ZDI0MTk0NDVjNWFiNGEyZTMwYWNkYzIyIg"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230308-234401-14525b721d
accept-ranges
bytes
cf-ray
7ae706dfce0003a0-FRA
expires
Tue, 26 Mar 2024 10:42:28 GMT
2*3vJU4sgGd_CmFQFl4wH6-Q.jpeg
miro.medium.com/v2/resize:fill:20:20/
976 B
1 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:20:20/2*3vJU4sgGd_CmFQFl4wH6-Q.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77bf5c7f91ff6aa8149d4793569cd79cfce03791cfe8632a2a88bc086b4d992
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
257233
x-envoy-upstream-service-time
101
content-disposition
inline; filename="2*3vJU4sgGd_CmFQFl4wH6-Q.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
976
x-request-id
3f566f91-5462-4303-9162-3aa54298ce25
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"otqmLAd0vwSg8JnocfiFOlzcufMbpEtiQZGBgUclANM/RIjJlNDI3Y2JjOTA5ODc3ODVhNzVmYjdlMWY4MDk0YzRiIg"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230308-234401-14525b721d
accept-ranges
bytes
cf-ray
7ae706dfce0203a0-FRA
expires
Tue, 26 Mar 2024 10:42:28 GMT
1*0fHUKyg3xtpNWpop35PR4g.png
miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/1*0fHUKyg3xtpNWpop35PR4g.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20a4fbe5c62f180ce9fd4679f55b696f7b6fbcd116bfd6c21a9de36b54266ccb
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
content-security-policy
script-src 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
177458
x-envoy-upstream-service-time
105
content-disposition
inline; filename="1*0fHUKyg3xtpNWpop35PR4g.png"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1205
x-request-id
40c2518f-aa6d-4834-afdb-0f4e44339bb6
sepia-upstream
medium
server
cloudflare
etag
"CEJCrFHfG4y6nbf_epJhcTgOn_SkbQA5Li5dB0M7VUE/RImQxZjFkNDJiMjgzN2M2ZGE0ZDVhOWEyOWRmOTNkMWUyIg"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
medium-fulfilled-by
miro-v2/main-20230324-113241-2364650ba0
accept-ranges
bytes
cf-ray
7ae706dfce0403a0-FRA
expires
Tue, 26 Mar 2024 10:42:28 GMT
graphql
labs.guard.io/_/
84 B
500 B
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41a6f4c366c08b5790eb229e9fb26dd413031651050e8b443d8a1da31b294640
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
ClapCountQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
26
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"54-20roxWpllD0bm54OeAVJlC3pRgw"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d
cf-ray
7ae706dfdae1046a-FRA
x-request-received-at
1679913748805
_r
app.link/
91 B
597 B
Script
General
Full URL
https://app.link/_r?sdk=web2.72.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
d0d4d99d44899e59305178e7904d5a3c4ed4b74476e214ef289af9e665711345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
etag
W/"5b-6oFtFAheqo173kFbDlMECdS6ukM"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
x-amz-cf-id
Tm2_8nm_r7NXqOeHWdjv7SoCpZoqwLjnhUaL_1vSl0zxHqA69MKd2Q==
collect
www.google-analytics.com/j/
3 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2128316746&t=pageview&_s=1&dl=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&ul=en-us&de=UTF-8&dt=%E2%80%9CFakeGPT%E2%80%9D%3A%20New%20Variant%20of%20Fake-ChatGPT%20Chrome%20Extension%20Stealing%20Facebook%20Ad%20Accounts%20with%20Thousands%20of%20Daily%20Installs%20%7C%20by%20Guardio%20%7C%20Mar%2C%202023%20%7C%20Medium&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1697275361&gjid=810982231&cid=957265882.1679913748&tid=UA-24232453-2&_gid=1653578676.1679913748&_r=1&_slc=1&z=571893355
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Mar 2023 10:42:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://labs.guard.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
4375.74282e94.chunk.js
cdn-client.medium.com/lite/static/js/
28 KB
9 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/4375.74282e94.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fadd67e1ecf12bdd2fa18d6192d411068afd3f3cb4fd93d9a8a528070dd000d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
x-amz-version-id
owR.hxU0rBJTXzzupVwm1VjruWjwgtcc
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
AYC83W2QB7WGCK84
age
297544
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MQMo2SIiiSMUw6SsfMnkzmw6Rb80mzLACsyjLdD8F2ALk5qheUMhPREQDeYjB6SdfG5JQpjH3+U=
last-modified
Thu, 09 Mar 2023 23:38:51 GMT
server
cloudflare
etag
W/"3420452988d3d29e1f104bba04a2b232"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706dffe3903a0-FRA
expires
Tue, 26 Mar 2024 10:42:28 GMT
PostNextFiveStories.717a022a.chunk.js
cdn-client.medium.com/lite/static/js/
3 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/PostNextFiveStories.717a022a.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a1272ec4f1f3ab3e74bfe2a19dfe25699eac24a353376e10066aed4398a0acc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
x-amz-version-id
OxlCq20Y1rLOfo1Wua.C2QAwvvEwwAIW
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
GVFNERDHKA8XSC1P
age
321764
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
TBcw/GAwoej/TN02NBv/unNx/lOQwcpe0RLOyC2JVZi/50aU+YaUhpusnNboLyJijlnRwDKGciE=
last-modified
Wed, 08 Mar 2023 22:09:08 GMT
server
cloudflare
etag
W/"35bd16f834c86aa992fb2c790b524670"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7ae706dffe3a03a0-FRA
expires
Tue, 26 Mar 2024 10:42:28 GMT
graphql
labs.guard.io/_/
22 KB
4 KB
Fetch
General
Full URL
https://labs.guard.io/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990c7440076bf31194067106569b47ea7cd94c4d504f376753a6b43c6705ea6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

apollographql-client-name
lite
medium-frontend-route
post
ot-tracer-sampled
true
accept-language
de-DE,de;q=0.9
ot-tracer-traceid
5f811603da736617
medium-frontend-path
/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation
PostNextFiveStoriesQuery
content-type
application/json
accept
*/*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app
lite/main-20230327-071906-014b73d21d
apollographql-client-version
main-20230327-071906-014b73d21d
ot-tracer-spanid
0a7d583a7020cb5b

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-envoy-upstream-service-time
83
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
server
cloudflare
etag
W/"574f-Qt0vloAhBamOwnyGkxwxHw60RZI"
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray
7ae706e06bc8046a-FRA
x-request-received-at
1679913748648
open
api2.branch.io/v1/
316 B
693 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
58f4aecbdedc1e9c157d18343ded11a1ed41fb65b0418bb87691c2c1ab203b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Mar 2023 10:42:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
6de5fb84-53b4-4576-a2c8-559257f0c173-2023032710
content-length
316
x-amz-cf-id
cTetIClXjGm5dGDSXG3-DC6P0s7GQW2MS18qGK5RZXIcfLLPnHz2NA==
profile
api2.branch.io/v1/
183 B
613 B
XHR
General
Full URL
https://api2.branch.io/v1/profile
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a27e840dc0014d82d0536ab76cd30f1f0d6e05f0e742f153aa4168430fe55f36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Mar 2023 10:42:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"b7-21SOXOiG0A0bIY+7FSE0E/+lsJs"
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
3521d987cdf242c59fdd0d8483bdbc78-2023032710
content-length
183
x-amz-cf-id
dRihF5RoZFq9cQt1xGw3kaLtJNncRd8n_eDtCw-LmkGWUlhT6afs_g==
pageview
api2.branch.io/v1/
28 B
435 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Mar 2023 10:42:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
7339d2a9d58d42fb8fcef16f397d432f-2023032710
content-length
28
x-amz-cf-id
TAaRymY4c2h43IXprYSFnwz5dbPL4RW7cD8Ep6n_jLmKXGJst0IVAg==
pageview
api2.branch.io/v1/
28 B
435 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Mar 2023 10:42:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
26df7d52576044d48cc8a4126d8225fd-2023032710
content-length
28
x-amz-cf-id
bt4EzJhsFVlYLImeLjd8j43Q-WnsUmZxoYRyP9MbYBnU1biO7oInHA==
batch
labs.guard.io/_/
17 B
296 B
Fetch
General
Full URL
https://labs.guard.io/_/batch
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.152.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
x-xsrf-token
1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/json

Response headers

date
Mon, 27 Mar 2023 10:42:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
worker-missing-cookies
0
vary
Accept-Encoding
content-type
application/json
medium-fulfilled-by
edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4
x-envoy-upstream-service-time
148
cf-ray
7ae706f7fca1046a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| __BUILD_ID__ string| __GRAPHQL_URI__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| webpackChunklite function| setImmediate function| clearImmediate object| regeneratorRuntime object| DD_RUM function| main object| __APOLLO_CLIENT__ object| __cfBeacon string| GoogleAnalyticsObject function| ga object| branch object| google_tag_data object| gaplugins object| gaGlobal object| gaData

11 Cookies

Domain/Path Name / Value
.labs.guard.io/ Name: __cfruid
Value: 29138dd323709448fe3080ff9edfe64de76ff4cb-1679913745
.medium.com/ Name: uid
Value: lo_c7808abc0904
.medium.com/ Name: sid
Value: 1:o+Dw11zKWzADlfUYfy7pXvI16U87q7gyQnDkdLyYKBA3PUMrGpsfd68pVCVR6HvL
.medium.com/ Name: __cfruid
Value: 4989a861cdd7c4d77dc16bf5ea2363b9c43d9f95-1679913745
labs.guard.io/ Name: uid
Value: lo_c7808abc0904
labs.guard.io/ Name: sid
Value: 1:NPA+9eosEmqVl8zTG/pfDBH8XvAcmUDiPXqmm29tOkllPeldAzD/6fQL3kQs637r
labs.guard.io/ Name: _dd_s
Value: rum=0&expire=1679914647326
.guard.io/ Name: _ga
Value: GA1.2.957265882.1679913748
.guard.io/ Name: _gid
Value: GA1.2.1653578676.1679913748
.guard.io/ Name: _gat
Value: 1
.app.link/ Name: _s
Value: 3U4L0IGv%2FYMPz2rYBwYyDrQgy66zCfouMzA%2BEUe%2BMtESirz6ePHxdSSiK2Yyt%2B8j

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://medium.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
labs.guard.io
medium.com
miro.medium.com
static.cloudflareinsights.com
www.google-analytics.com
162.159.152.4
2600:1f18:24e6:b901:4924:1683:6b84:60b3
2600:9000:2127:4a00:19:9934:6a80:93a1
2600:9000:2127:6600:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2606:4700::6810:3965
2a00:1450:4001:810::200e
65.9.95.56
0134174dae124a376b9eda4f9991d1719140f1dd5743f7039ecee84a9a1293d4
019b9549d1add8514876e9aaabb20c29e90fcbca7c08eb7962168c4a1ad163c1
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
03339318237f203c39972793a5232b2c94f3ea7a2c814641ae62660d8dd6e02b
0573eb7e1b3f0dbaad578ead6eb03bfbd6280ae5d9a2827ad95b260717410939
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
0d19349e1a7fc17631e75d4434c94ded800f5bcb8cf8e019abe59369b9e574e0
0daa86ae7a8d02fd70a8eed0aef1ab1fd2f012a85ec387c0887a7d943ef6f262
0e0fd5124a43543afad915b027f29bb84fddb17255673cbaaa1f9da33f049ae8
109305b83312289d5b5026f82598c22c14fc16fa6c973ddbe8e049b59b27ae98
10f6863941a69dacb051d913b6a6483a06d5fde434a689d9a0402d7d2abecc65
14630d61ff002f2fc564d00a080ba2cef7e0811be983a192549c43335b1d706e
15cc2881089acdd5534ce3ce3c3524b1c8fb0f51238e79a7d7c09ed2e300423f
160057a9ff13f4259bd4df4bb3dd3e2bc435e49b93f8a451ec818bc7e3c5c87b
17b661a486215879018ecdf2463102d385f2c4fb74558fd15582e9f4844523d3
1ae9114902b2ab33b092fbb3f9082924a72fe93924969932340e9fd54d16089b
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e543b82c6cc0cfab55e6bb56334d01ec7b92f0013095c489408297e6d72c515
20a4fbe5c62f180ce9fd4679f55b696f7b6fbcd116bfd6c21a9de36b54266ccb
2410eea0a29d1bdf77ec70bf2f53b0b77adfac2de33ca829943f758b12fdfb99
262e375e9795bcba1e73546c02ce7ef5eb30067bce5a8a7c70e0a9e5ce5d6883
265526ce77f97d404aa19bc51556dceafed4c642c3eac315a0633db316b07257
2911927df6c0a93829e78411112c7814bc7b90ecb78c3656c43d501ce89a0a65
293cb36ca1c002f569bcbce51360a20745ce87b2e515be849d83d5269d7d2174
2f65625d4e5e602275192a263aa5829346dda4c0e91e269ba2804d9b78e9a961
32579933fa7409a851f4fed587cb4a19111bf097eb787ba275666500c1dc1596
3509c454b102f44e784622f3c20676a48a66b42cd9c674c59bf9f1c8a735f9a3
3931bd7f23bc38d81098698e191881070610cf3fdd333eab9d4a12afa969a31a
3fadd67e1ecf12bdd2fa18d6192d411068afd3f3cb4fd93d9a8a528070dd000d
41a6f4c366c08b5790eb229e9fb26dd413031651050e8b443d8a1da31b294640
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457c73fda826dc12d4ee8d563ddfbdb3971411032e4d661bd19a4420e6a8bcfb
4915cb0960fda9afe3b4d35b4e569e4944be7be81c2f7f30d16f88f4cbbf5eb6
4a7798b932189586c10476725680d487c508de89bd1824df1b58d78e84af8430
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
50a979f6e8a062abeacd9791b81cbedbe908659d6bc12d73f1102167bfc41937
5672352c6067919339803100571f773db22963c9a71b4a3e075f973655169dac
575be440fd61e4d3666cd1d027a88bca046ce1b2a4be3c49a4c192c6ebb02774
58f4aecbdedc1e9c157d18343ded11a1ed41fb65b0418bb87691c2c1ab203b80
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a9538496fc598aef8185ce64a1416f66dbb480363eacd5466477f888985c161
6173a1b363b6bffdf4ec8d533f260644b17cc6f8a747f2d4f529795a3cdf0c04
6218d5fa65862fd0e406e131b1460546b2e0cb7fcd8b979095743290f25cf28f
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
6b435ccf90393f5a5829b1a4baa617535ddd7a79ce6afc18bec910a9850a465e
6c452648a5259b5db228427477a67b2605e4dea75b45024436e7899c9097f1fa
6d5c1203e3eb0b39d54d649e3cb5a765a5d7f583f51d913a0e0f7aaa6cf2bc58
6f02ea437002186df42ccf6278348ca5f10fdf10a18f8951d650a8c0f653a9fd
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
7101db1dbc4ff14b45fb47e8dec43ef8b71aa1606c4be04aa83e787f3e9e8e21
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
79055c5ced00aaa34cd82639689ff5e0a82479a77deaf5647bd5239839c6d7f4
7922cea637f271d76bc107e7955bbf5b89a4e757e19459c6575a4f11dc06e643
798ac101e9328c4c2c94e3901198733670dfa1a1d09440e94e74b85fb3fb94c9
7ed67da0bdabd16ddaca960a2ea253496cf4dd3526d30867a189704b11c6a467
81f57e6fb25434f5eda588bdddaae55d343b285a28e4df5fdc5eed5646cdc5aa
8b75797cf449be117986913ab61b0fe44ab2aba98cd6fed86a319fab3fd3cd1e
8c4e5c4fd526522c11301d87d90cd21092dbef86faeb8bc73c2b53331cefdf8a
8c90145729c8ac298928c43206ddc0cbf770a05280b94e58b9fe033132927c81
93ec15dd15d0b36925c06e9cd208be62b2bd75010d9681c067867fc429b29d9f
987b520121ba6601b336c4173fd71afba7c979fec402177956f0b6f251e63a42
990c7440076bf31194067106569b47ea7cd94c4d504f376753a6b43c6705ea6a
9a1272ec4f1f3ab3e74bfe2a19dfe25699eac24a353376e10066aed4398a0acc
a27e840dc0014d82d0536ab76cd30f1f0d6e05f0e742f153aa4168430fe55f36
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542
a7b32f55e453df9dafb38e1526d6df303dad3082f9c3af5d02e051d43cc3fb88
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
aabd7237fd06f6a0911f5161f31467fbdff9bdc6270c8400fb02b0e589926290
ae4a152dbc443cb2190ebe669b3604fa97bae75f8012b0364ffb2ff2d4def713
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b6c7af4cf38f7cf7c3f086b94b3c188b80a3cd014d34b6d090cea7ab1bb83013
b7a186a71840944885d3c455f4e3c5b73fcc575b75fcd91f4e111ea512e75b8f
bb1ed19249c07f3ad9aa269ca1a0a5a41096960f35bddb839fbdad08767e3017
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
c4a0cb6328126994438b5a127dc9d3bb890323c339df243cc9f19bc3bde40bfa
ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f
d0d4d99d44899e59305178e7904d5a3c4ed4b74476e214ef289af9e665711345
d1925453f0c7fcc73914d9ff411bbdc787a17639020213ab8e726c0238d6a0ec
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
d77bf5c7f91ff6aa8149d4793569cd79cfce03791cfe8632a2a88bc086b4d992
d7e8addc36fcc7ebabf0199ec910423b7044b25895211d993fb550956c76e9cc
d90d9b25e381a5dc97ed9e96eddb5928686281984682f25e32d6d4934890b15c
da15a28f3982706969212484d7424b3323813a5b44176f7da9d3bdc1a542fea4
de16b6ad8b62c74f785db80c6cda1da7b480899643c69e482b9c9ca62120aeaa
e0ed14158453c2969240624e26500bf14c33f6f97e6cd4470f311382000a0e15
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53ebfbcc9c25748543c93340d2eb361c3fae51ae63261e01e54758703593afc
e80a252cee9dbd81949fcda2a31ee089bba091c13482d2a2044670c42920b619
e8724e03987435c26bcb349f0dae558b524c11210bc93fc6504723524f14d582
e908bc0bd99283dd6f61e60a919c277a92763001d3c2d22f2253e4f902b09688
ea070061aafd1001bdaaf68f7a8a012c3a5d1e5982c971da14f65943c1d68537
ec60da686bdb6ecb9649da974c150a9ac39b834b4340f02a25e5ea787ebdeff3
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
fb77d553412e3911b30897a9a25388cc091cfa9fd87930852bc47dc5cd82757d
fe013aaffd40c811e5c329e429d314d95f9a2b4a40efd75e3c2ca8b27448f86d
ffb05d842097704d80ae4cbabc01da78700a238784dced37722a07c30236840a