Submitted URL: http://0dayfans.com/
Effective URL: https://0dayfans.com/
Submission: On November 25 via manual from RU — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 19 domains to perform 33 HTTP transactions. The main IP is 173.236.166.1, located in United States and belongs to DREAMHOST-AS, US. The main domain is 0dayfans.com.
TLS certificate: Issued by R3 on November 15th 2022. Valid for: 3 months.
This is the only time 0dayfans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 173.236.166.1 26347 (DREAMHOST-AS)
1 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:205... 16509 (AMAZON-02)
3 151.101.128.238 54113 (FASTLY)
2 2 151.101.64.238 54113 (FASTLY)
1 2607:f1c0:100... 8560 (IONOS-AS ...)
1 163.172.4.236 12876 (Online SAS)
2 104.26.2.136 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.196.191.243 15169 (GOOGLE)
1 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.173 2635 (AUTOMATTIC)
2 146.148.61.165 15169 (GOOGLE)
1 34.210.62.107 16509 (AMAZON-02)
1 2606:50c0:800... 54113 (FASTLY)
3 192.0.66.2 2635 (AUTOMATTIC)
33 17
Apex Domain | Subdomains | Transfer
8 hackerone-user-content.com | profile-photos.hackerone-user-content.com | 141 KB
3 github.blog | github.blog — Cisco Umbrella Rank: 239020 | 2 MB
3 squarespace-cdn.com | images.squarespace-cdn.com — Cisco Umbrella Rank: 4865 | 840 KB
3 0dayfans.com | 0dayfans.com | 63 KB
2 praetorian.com | www.praetorian.com | 48 KB
2 detectify.com | labs.detectify.com | 40 KB
2 mdsec.co.uk | www.mdsec.co.uk | 125 KB
2 squarespace.com | static1.squarespace.com — Cisco Umbrella Rank: 5762 | 794 B
1 xdavidhu.me | bugs.xdavidhu.me | 222 KB
1 doyensec.com | blog.doyensec.com | 2 KB
1 nccgroup.com | research.nccgroup.com | 66 KB
1 wp.com | i0.wp.com — Cisco Umbrella Rank: 3186 | 3 KB
1 talosintelligence.com | talosintelligence.com — Cisco Umbrella Rank: 95887 | 2 KB
1 blogspot.com | googleprojectzero.blogspot.com — Cisco Umbrella Rank: 697318 | 796 B
1 synacktiv.com | www.synacktiv.com |
1 windows-internals.com | windows-internals.com | 4 KB
1 chromium.org | bugs.chromium.org — Cisco Umbrella Rank: 309853 | 854 B
0 portswigger.net Failed | portswigger.net Failed |
0 ssd-disclosure.com Failed | ssd-disclosure.com Failed |
33 19
Domain Requested by
8 profile-photos.hackerone-user-content.com 0dayfans.com
3 github.blog 0dayfans.com
3 images.squarespace-cdn.com 0dayfans.com
3 0dayfans.com 1 redirects 0dayfans.com
2 www.praetorian.com 0dayfans.com
2 labs.detectify.com 0dayfans.com
2 www.mdsec.co.uk 0dayfans.com
2 static1.squarespace.com 2 redirects
1 bugs.xdavidhu.me 0dayfans.com
1 blog.doyensec.com 0dayfans.com
1 research.nccgroup.com 0dayfans.com
1 i0.wp.com 0dayfans.com
1 talosintelligence.com 0dayfans.com
1 googleprojectzero.blogspot.com 0dayfans.com
1 www.synacktiv.com 0dayfans.com
1 windows-internals.com 0dayfans.com
1 bugs.chromium.org 0dayfans.com
0 portswigger.net Failed 0dayfans.com
0 ssd-disclosure.com Failed 0dayfans.com
33 19
Subject | Issuer | Validity | Valid
www.0dayfans.com | R3 | 2022-11-15 - 2023-02-13 | 3 months
analysis.chromium.org | GTS CA 1D4 | 2022-10-09 - 2023-01-07 | 3 months
profile-photos.hackerone-user-content.com | Amazon | 2022-05-16 - 2023-06-14 | a year
*.squarespace-cdn.com | R3 | 2022-10-08 - 2023-01-06 | 3 months
*.windows-internals.com | Encryption Everywhere DV TLS CA - G1 | 2022-09-30 - 2023-10-13 | a year
www.synacktiv.com | Gandi Standard SSL CA 2 | 2022-07-12 - 2023-08-12 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-18 - 2023-05-18 | a year
misc-sni.blogspot.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
labs.detectify.com | R3 | 2022-11-11 - 2023-02-09 | 3 months
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-14 - 2023-12-15 | a year
tls.automattic.com | R3 | 2022-10-25 - 2023-01-23 | 3 months
www.praetorian.com | R3 | 2022-10-03 - 2023-01-01 | 3 months
blog.doyensec.com | R3 | 2022-10-03 - 2023-01-01 | 3 months
bugs.xdavidhu.me | R3 | 2022-10-23 - 2023-01-21 | 3 months
github.blog | R3 | 2022-10-02 - 2022-12-31 | 3 months

This page contains 1 frame:

Primary Page: https://0dayfans.com/
Frame ID: 28CEEF2A3279D828662F05CCEC43249B
Requests: 33 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 33
HTTPS: 88 %
IPv6: 35 %
Domains: 19
Subdomains: 19
IPs: 17
Countries: 3
Transfer: 3919 kB
Size: 3992 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://0dayfans.com/ HTTP 301
    https://0dayfans.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://static1.squarespace.com/static/5894c269e4fcb5e65a1ed623/58a5b38cb3db2bd67b608658/637d484bbd6d15315428d647/1669219121378/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?format=1500w HTTP 301
  • https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1669154896498-14S7352E5X47TG6YT1DA/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?content-type=image%2Fjpeg
Request Chain 19
  • https://static1.squarespace.com/static/5894c269e4fcb5e65a1ed623/58a5b38cb3db2bd67b608658/6372bce0c67b98581b79d19f/1668617750841/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg?format=1500w HTTP 301
  • https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1668463847109-QCH2ZGMU7EIUV2BLY8JR/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg?format=1500w&content-type=image%2Fjpeg

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
0dayfans.com/
Redirect Chain
  • http://0dayfans.com/
  • https://0dayfans.com/
78 KB
13 KB
Document
General
Full URL
https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.166.1 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-quack.wayne.dreamhost.com
Software
Apache /
Resource Hash
bff1cb1d1daec3f1ab8ba6064305c46856cbfd5fae27ddde765407f0e3d568c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=600
content-encoding
gzip
content-type
text/html
date
Fri, 25 Nov 2022 08:39:27 GMT
etag
"1395d-5ee3a9f218377-gzip"
expires
Fri, 25 Nov 2022 08:49:27 GMT
last-modified
Thu, 24 Nov 2022 17:20:28 GMT
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
229
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 25 Nov 2022 08:39:26 GMT
Keep-Alive
timeout=5, max=100
Location
https://0dayfans.com/
Server
Apache
0dayfans.png
0dayfans.com/
50 KB
50 KB
Image
General
Full URL
https://0dayfans.com/0dayfans.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.166.1 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-quack.wayne.dreamhost.com
Software
Apache /
Resource Hash
06ffa99303d271bb3187ff293354c9cf034c36f22379fbbc340ce30ea834eed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
last-modified
Thu, 14 Oct 2021 02:16:17 GMT
server
Apache
etag
"c76f-5ce46a9ee052a"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
51055
expires
Sun, 25 Dec 2022 08:39:27 GMT
monorail.ico
bugs.chromium.org/static/images/
5 KB
854 B
Image
General
Full URL
https://bugs.chromium.org/static/images/monorail.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4a479ba20ba3647d60c6ce046c80c9705946caf1133293f5f60a4f96a83c5803

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 04:21:38 GMT
content-encoding
gzip
server
Google Frontend
age
15469
etag
"LEVzHw"
content-type
image/vnd.microsoft.icon
x-cloud-trace-context
11f82e38f016064973313b9739f58cb0
cache-control
public, max-age=864000
content-length
657
expires
Mon, 05 Dec 2022 04:21:38 GMT
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/000/007/724/bb067434deef370d6a0b16c2cbbc030b57c75e92_original.png/
26 KB
26 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/000/007/724/bb067434deef370d6a0b16c2cbbc030b57c75e92_original.png/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9e00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac6d95f5da44533789a4f4f01a3321ef26c9303c21b446d6ce83b0434b0eefbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
42wBKckjJ1vHWn8BmfevBKezcK05U5nP
date
Fri, 25 Nov 2022 08:38:00 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
223
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
26361
last-modified
Wed, 07 Sep 2022 10:36:11 GMT
server
AmazonS3
etag
"4197714a118a00cf721cb19f1b31cf08"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
I-i8hBJgXxb9GPXY-g3cVIro2oW1POo_4nGW8pOJCG4HARUnNZ8SRw==
favicon.ico
images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/1487670157237-HOXHMI54TA0SZP21OY7C/
604 B
934 B
Image
General
Full URL
https://images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/1487670157237-HOXHMI54TA0SZP21OY7C/favicon.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed3f64e42bd5105f8e2ca81152c9eaf53ce5cdb92405f8ce455d3b2901472725

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
154, 1
date
Fri, 25 Nov 2022 08:39:27 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
241749
x-cache
HIT, HIT
content-length
604
x-served-by
cache-iad-kcgs7200059-IAD, cache-hhn4076-HHN
x-timer
S1669365567.380863,VS0,VE1
etag
CKOwjvzFiusCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg
images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1669154896498-14S7352E5X47TG6YT1DA/
Redirect Chain
  • https://static1.squarespace.com/static/5894c269e4fcb5e65a1ed623/58a5b38cb3db2bd67b608658/637d484bbd6d15315428d647/1669219121378/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?format=1500w
  • https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1669154896498-14S7352E5X47TG6YT1DA/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?content-type=image%2Fjpeg
559 KB
559 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1669154896498-14S7352E5X47TG6YT1DA/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?content-type=image%2Fjpeg
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Server
151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3d893694a1014649b173c43e04387439566f6f477fa3040e0b103ff18283bba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
1, 1
date
Fri, 25 Nov 2022 08:39:27 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
146361
x-cache
HIT, HIT
content-length
572020
x-served-by
cache-iad-kiad7000074-IAD, cache-hhn4076-HHN
x-timer
S1669365567.424999,VS0,VE1
etag
CL7H0sfmwvsCEAE=
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly

Redirect headers

x-cache-hits
3, 7
date
Fri, 25 Nov 2022 08:39:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
146361
x-cache
HIT, HIT
x-contextid
FFIuWHqt/Edw44ScC
content-length
0
x-served-by
cache-dfw-kdfw8210095-DFW, cache-hhn4072-HHN
pragma
cache
server
Squarespace
x-timer
S1669365567.399816,VS0,VE0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
location
https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1669154896498-14S7352E5X47TG6YT1DA/open-wood-floor-wall-tool-shine-1015078-pxhere.com.jpg?content-type=image%2Fjpeg
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*, *
tracepoint
Fastly
w-logo-blue-white-bg.png
windows-internals.com/wp-includes/images/
4 KB
4 KB
Image
General
Full URL
https://windows-internals.com/wp-includes/images/w-logo-blue-white-bg.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2a4 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
last-modified
Thu, 11 Jun 2020 00:30:08 GMT
server
Apache
accept-ranges
bytes
etag
"1017-5a7c41014e5cd"
content-length
4119
content-type
image/png
favicon.ico
www.synacktiv.com/en/publications/sites/default/files/
0
0
Image
General
Full URL
https://www.synacktiv.com/en/publications/sites/default/files/favicon.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.4.236 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-4-236.rev.poneytelecom.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

favicon-16x16.png
www.mdsec.co.uk/wp-content/themes/mdsec/img/favicons/
540 B
1 KB
Image
General
Full URL
https://www.mdsec.co.uk/wp-content/themes/mdsec/img/favicons/favicon-16x16.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9254db01e89612f04becdc148d1688da8c8ac3bd21ce6193b9d72e88ffd99352

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2429
cf-polished
origSize=1058
content-length
540
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Jul 2020 08:39:01 GMT
server
cloudflare
etag
"422-5a9c1ce7c6317"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDnC2StUOv4gE6kteN0GPXpZiozzKe5WnDWy7SRHsQbbchFgNFX%2FXvWxM2hEITq2dVAyKoIkjH2cvJ3Dh8m13dFdEjarkogBgijZdJgeDrtn%2FdARsAc7bQ9M44QtGhLABg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76f912ec0b0f8ffe-FRA
tim-van-der-kuip-CPs2X8JYmS8-unsplash.jpg
www.mdsec.co.uk/wp-content/uploads/2019/11/
123 KB
124 KB
Image
General
Full URL
https://www.mdsec.co.uk/wp-content/uploads/2019/11/tim-van-der-kuip-CPs2X8JYmS8-unsplash.jpg
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d26a90e6a0f0bca579c50d8a55423f6ccb64cfe9a1777342f1abc05371dc2a04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2384
cf-polished
degrade=85, origSize=145768
content-length
126260
cf-bgj
imgq:85,h2pri
last-modified
Sat, 27 Jun 2020 19:10:21 GMT
server
cloudflare
etag
"23968-5a91593bc2063"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jzmgq67u43JrGOHZRgIjx4kABDzKdu9vnQgVHGtYS8WzCZga96xs7tjeZ4O2VECyLiCp%2BV1LTSWTPESDCzgg9f%2BaUdj56BcTi%2BLCwa1Ujjc2qxhw7lLPaoX1gbfk4IAEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76f912ec0b108ffe-FRA
favicon.ico
googleprojectzero.blogspot.com/
4 KB
796 B
Image
General
Full URL
https://googleprojectzero.blogspot.com/favicon.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Nov 2022 08:08:26 GMT
server
GSE
etag
W/"60acf2e5a2209019667a48446923caae32aa8e6d61b3f5c2b3c3d02b47236198"
content-type
image/x-icon
cache-control
private, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
412
x-xss-protection
1; mode=block
expires
Fri, 25 Nov 2022 08:39:27 GMT
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/gbogkyyks4yd3ljs0znnj8j5uj4z/
1 KB
2 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/gbogkyyks4yd3ljs0znnj8j5uj4z/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9e00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
563b4ae747fb654828723bae95da3166853853ddfa3e3c87c31c2bc395d5dcd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
6C2gTaAomJHHEanIybbKR3Uzj9CV4qyk
date
Fri, 25 Nov 2022 08:38:00 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
223
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1403
last-modified
Wed, 14 Sep 2022 06:07:35 GMT
server
AmazonS3
etag
"81333b1a7e6274e5304e37c29effbd23"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
7rOCv0K2_aly9LKCMkWZ-lOZ-IXFSvqtvmxmxlxXnmGMNdZsJyU9CQ==
OnlytheD-icon.png
ssd-disclosure.com/wp-content/uploads/2020/01/
0
0

favicon-01f90f6b94ec4cceb73079603f6ae4329ac68a00d055125fd7e998b2ce4d5556.ico
talosintelligence.com/assets/favicons/
15 KB
2 KB
Image
General
Full URL
https://talosintelligence.com/assets/favicons/favicon-01f90f6b94ec4cceb73079603f6ae4329ac68a00d055125fd7e998b2ce4d5556.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c73a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c9b25776778ff43873cf5ebde2e1ffcd0747ad1042ac5a5306cdde3ffca8cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
via
1.1 spaces-router (1ee3716bf5eb)
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 11 Apr 2022 16:21:31 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
3540
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
content-encoding
br
cache-control
public, max-age=7200
cf-ray
76f912ece8709b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 25 Nov 2022 10:39:27 GMT
favicon.ico
labs.detectify.com/wp-content/themes/detectify2.0.5/
1 KB
926 B
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/favicon.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b3e83faeaebc9034cd9a31b47bf067a364d543f12ae387e07e541361d2e0d30a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
W/"62751ac0-47e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=31536000
docker-automation.png
labs.detectify.com/wp-content/uploads/2022/11/
38 KB
39 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/uploads/2022/11/docker-automation.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4a39554cff17ec3237e6ab6b1f5c31a5ffc6f7e3e7575bf63072b362017b5068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
last-modified
Mon, 21 Nov 2022 15:30:15 GMT
server
nginx
etag
"637b9987-99b3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
39347
cropped-Gwl5Lrim_400x400-1.jpg
i0.wp.com/research.nccgroup.com/wp-content/uploads/2020/07/
2 KB
3 KB
Image
General
Full URL
https://i0.wp.com/research.nccgroup.com/wp-content/uploads/2020/07/cropped-Gwl5Lrim_400x400-1.jpg?fit=192%2C192&ssl=1
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
505437de08596140f1ad6c3e0a3ac7bd19e0b887396541fce1810d7d3f9b12d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 25 Nov 2022 08:39:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 06 Nov 2022 04:51:05 GMT
server
nginx
etag
"856b3f3e2234b139"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://research.nccgroup.com/wp-content/uploads/2020/07/cropped-Gwl5Lrim_400x400-1.jpg>; rel="canonical"
content-length
2320
expires
Tue, 05 Nov 2024 16:51:05 GMT
DCD_WRITE_seq.png
research.nccgroup.com/wp-content/uploads/2022/11/
66 KB
66 KB
Image
General
Full URL
https://research.nccgroup.com/wp-content/uploads/2022/11/DCD_WRITE_seq.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.173 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67ee77f8efc0ddea41e621b7cc5814dafe61ba830ccf7316a63074060e814e4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
strict-transport-security
max-age=31536000
x-ac
2.hhn _atomic_ams BYPASS
last-modified
Mon, 07 Nov 2022 17:19:20 GMT
server
nginx
etag
"63693e18-106fe"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
67326
expires
Fri, 02 Dec 2022 08:39:27 GMT
cropped-Praetorian-Favicon-192x192.png
www.praetorian.com/wp-content/uploads/2021/01/
17 KB
17 KB
Image
General
Full URL
https://www.praetorian.com/wp-content/uploads/2021/01/cropped-Praetorian-Favicon-192x192.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.61.165 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
165.61.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
77760f63b467020b2e8c3cf855b21939850b7515c1060a75251de84f98b71ed4
Security Headers
Name Value
Content-Security-Policy frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:28 GMT
content-security-policy
frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
last-modified
Mon, 22 Mar 2021 21:57:06 GMT
server
nginx
etag
"605912b2-4265"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16997
Praetorian_OG.jpg
www.praetorian.com/wp-content/uploads/2021/01/
31 KB
31 KB
Image
General
Full URL
https://www.praetorian.com/wp-content/uploads/2021/01/Praetorian_OG.jpg
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.61.165 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
165.61.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
38041addf6bbaa7665d467f7279f3b2c63de23b3b8a946f07cd015b830c71d75
Security Headers
Name Value
Content-Security-Policy frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:28 GMT
content-security-policy
frame-src 'self' *.praetorian.com *.google.com *.youtube.com *.greenhouse.io *.doubleclick.net *.twitter.com *.hsforms.com *.hsforms.net disqus.com vars.hotjar.com; frame-ancestors 'none';
last-modified
Wed, 01 Jun 2022 22:44:03 GMT
server
nginx
etag
"6297ebb3-7a70"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
31344
box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg
images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1668463847109-QCH2ZGMU7EIUV2BLY8JR/
Redirect Chain
  • https://static1.squarespace.com/static/5894c269e4fcb5e65a1ed623/58a5b38cb3db2bd67b608658/6372bce0c67b98581b79d19f/1668617750841/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg...
  • https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1668463847109-QCH2ZGMU7EIUV2BLY8JR/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg?format=1500w&content-typ...
280 KB
280 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1668463847109-QCH2ZGMU7EIUV2BLY8JR/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg?format=1500w&content-type=image%2Fjpeg
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Server
151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95962718cdbe012aa14ede782b5821b8534f10df16982c71e367e71728d1e41d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
134, 1
date
Fri, 25 Nov 2022 08:39:27 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
142847
x-cache
HIT, HIT
content-length
286925
x-served-by
cache-iad-kcgs7200141-IAD, cache-hhn4076-HHN
x-timer
S1669365568.588719,VS0,VE1
etag
CKiK+5fYrvsCEAE=
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly

Redirect headers

x-cache-hits
21, 7
date
Fri, 25 Nov 2022 08:39:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
142934
x-cache
HIT, HIT
x-contextid
fbFyKyFL/YBGwDcFF
content-length
0
x-served-by
cache-dfw-kdfw8210121-DFW, cache-hhn4072-HHN
pragma
cache
server
Squarespace
x-timer
S1669365568.557343,VS0,VE0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
location
https://images.squarespace-cdn.com/content/5894c269e4fcb5e65a1ed623/1668463847109-QCH2ZGMU7EIUV2BLY8JR/box-luggage-chest-picture-frame-closure-go-away-497875-pxhere.com.jpg?format=1500w&content-type=image%2Fjpeg
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*, *
tracepoint
Fastly
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/000/000/041/a819f0d518a4854df667be26210167805f38a6a4_original.png/
10 KB
10 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/000/000/041/a819f0d518a4854df667be26210167805f38a6a4_original.png/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9e00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5c273801890ac84e2bd94f6abb1d159b21a01f2277de29280c2fc5d50115d10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
EPOe7KA.MAZEdQ8XBrF_dwHK0a2wqNye
date
Fri, 25 Nov 2022 08:38:00 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
223
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
9852
last-modified
Wed, 07 Sep 2022 11:46:52 GMT
server
AmazonS3
etag
"52b04e71bc03d6fb9c883f68b293e821"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
iFwSIGjybbsEPVgM0w66dDRyl0AyGH-4q2OQ27OQOhRKUWzigyKHxA==
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/f0hovtq73f9ap815a0r1w42bocp4/
7 KB
7 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/f0hovtq73f9ap815a0r1w42bocp4/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9e00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
933e00aca47ad3993c20b274cee9437ca33e74bba568114ded7413e905505195

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
kABJcqr431GOekMAularGXy._fMGEP1y
date
Fri, 25 Nov 2022 08:38:00 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
223
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
7112
last-modified
Wed, 07 Sep 2022 10:34:56 GMT
server
AmazonS3
etag
"a30396e70145b423e66d22dceb171bdb"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
ah2ozd51Fa0WdmxBywP6In5DWkKTs4ceaMWARHnOvpT7lnP6VVL4uQ==
favicon.ico
portswigger.net/content/images/logos/
0
0

favicon.ico
blog.doyensec.com/public/images/
766 B
2 KB
Image
General
Full URL
https://blog.doyensec.com/public/images/favicon.ico
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.210.62.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-62-107.us-west-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
506d0182002b5c2a4dd6c3306626b9134c73e10af4397e240a85c0f7d09cf167
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' https://asciinema.org https://www.youtube.com/; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://asciinema.org 'sha256-IfTJ3ylkYUuY050EeYWUukzHhA37rONax4Ajn5RyP9I=' 'sha256-fIbiUf9HBlAZgfz8XWmHCoX4UgpEfkQVgGtS09Khius=' 'sha256-a7aRVd+qYgVU1q/J7IyDSrCB0KYf+gV33uIGU6yfQEk=' 'sha256-mX+MLc5l9PzGBhV5+2N/YtEoycW+8cOqOFxi4hokniw=' 'sha256-y2eEyInA7iERp4AmBy+u4UeISPK8pzHlmlhq+bbiYJk=' 'sha256-y2eEyInA7iERp4AmBy+u4UeISPK8pzHlmlhq+bbiYJk=' 'sha256-4jfMrdVKephIxGBOU0wkku3t/DsIQkkRWyscH84Z5TE=' 'sha256-aRqJzrLIa2GUqGRmKaeQVoClbhbg+q4N+RihxsYC3oM='; connect-src 'self' https://www.google-analytics.com; img-src 'self' https://www.google-analytics.com https://imgs.xkcd.com/; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; form-action 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:39:27 GMT
Content-Security-Policy
default-src 'self'; frame-src 'self' https://asciinema.org https://www.youtube.com/; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://asciinema.org 'sha256-IfTJ3ylkYUuY050EeYWUukzHhA37rONax4Ajn5RyP9I=' 'sha256-fIbiUf9HBlAZgfz8XWmHCoX4UgpEfkQVgGtS09Khius=' 'sha256-a7aRVd+qYgVU1q/J7IyDSrCB0KYf+gV33uIGU6yfQEk=' 'sha256-mX+MLc5l9PzGBhV5+2N/YtEoycW+8cOqOFxi4hokniw=' 'sha256-y2eEyInA7iERp4AmBy+u4UeISPK8pzHlmlhq+bbiYJk=' 'sha256-y2eEyInA7iERp4AmBy+u4UeISPK8pzHlmlhq+bbiYJk=' 'sha256-4jfMrdVKephIxGBOU0wkku3t/DsIQkkRWyscH84Z5TE=' 'sha256-aRqJzrLIa2GUqGRmKaeQVoClbhbg+q4N+RihxsYC3oM='; connect-src 'self' https://www.google-analytics.com; img-src 'self' https://www.google-analytics.com https://imgs.xkcd.com/; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; form-action 'self'; frame-ancestors 'self'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Wed, 19 Oct 2022 08:54:00 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2fe-5eb5f598ba1fb"
X-Frame-Options
SAMEORIGIN
Content-Type
image/vnd.microsoft.icon
Connection
close
Accept-Ranges
bytes
Content-Length
766
X-XSS-Protection
1; mode=block
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/000/035/710/c1ae53147a025b33b7c8383200432c8b4a9b839a_original./
41 KB
41 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/000/035/710/c1ae53147a025b33b7c8383200432c8b4a9b839a_original./86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9e00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3a20c201413f111c80db3557b390c53647440cb08e77f11bb6dc7b4da46d232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
tYHlM0BCwb89pekNuDHvTz6x0qVYWUlv
date
Fri, 25 Nov 2022 08:38:00 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
223
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
41726
last-modified
Wed, 07 Sep 2022 10:48:27 GMT
server
AmazonS3
etag
"b15946ddf6552f3e0d7728770c4c8d59"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
-8otAnsSF8ju5K9qZZ-Z34KDE2-HLBNV2007hQRdNSbCP9hxeydrRQ==
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/000/005/044/ba20ca159dad308d753710d2b8ae8dd665a60b80_original.png/
8 KB
8 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/000/005/044/ba20ca159dad308d753710d2b8ae8dd665a60b80_original.png/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9e00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47bcb7a4d0be49ce96455854bea56dd5210afdce191fe39ec34d336ba123c848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
mRyKOm8jFWaUnt8DZz3BXRYy0NYWFHg_
date
Fri, 25 Nov 2022 08:38:00 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
223
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
8096
last-modified
Wed, 07 Sep 2022 10:52:58 GMT
server
AmazonS3
etag
"ce2bba43b42e4ec36342432518598aef"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
KO-XrILZ9TePEzRML9m88ASrJg7fWV9dMyYp4wwQNWsmeE-Io0zyDA==
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/roYPkZznCDFmy4VGkFPnbDrc/
11 KB
11 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/roYPkZznCDFmy4VGkFPnbDrc/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9e00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffdfc37a81a587b41d74cefc90d4e6dbbf91a58c4f25354aeefffbfa706ea7d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
VKg.kJnwjN0woY8bO1dhNZ_jqWGRLJP2
date
Fri, 25 Nov 2022 08:19:06 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1534
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
10986
last-modified
Wed, 07 Sep 2022 10:08:49 GMT
server
AmazonS3
etag
"e720d3d75015eb1d8b115e57ea51f22b"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
Ts4FyPpeMqy06jAh5qoD-ei6IocvQQs-wS7bx-YUCkge1HhaN03qEA==
twitter-card.png
bugs.xdavidhu.me/assets/posts/2022-11-10-accidental-70k-google-pixel-lock-screen-bypass/
222 KB
222 KB
Image
General
Full URL
https://bugs.xdavidhu.me/assets/posts/2022-11-10-accidental-70k-google-pixel-lock-screen-bypass/twitter-card.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
f43a114b7e6b28c023618c866621c6919785bddd802aa9170d2b5f2df66da6e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-fastly-request-id
970f8c72d46d27f07eec0b6737fda930c47b958c
date
Fri, 25 Nov 2022 08:39:27 GMT
via
1.1 varnish
expires
Thu, 24 Nov 2022 23:10:04 GMT
age
276
x-cache
HIT
x-proxy-cache
MISS
content-length
227142
x-served-by
cache-ams21058-AMS
last-modified
Thu, 10 Nov 2022 18:44:02 GMT
server
GitHub.com
x-github-request-id
5268:B89D:22DBE22:23C57CA:637FF774
x-timer
S1669365567.485180,VS0,VE1
etag
"636d4672-37746"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1
cropped-github-favicon-512.png
github.blog/wp-content/uploads/2019/01/
3 KB
4 KB
Image
General
Full URL
https://github.blog/wp-content/uploads/2019/01/cropped-github-favicon-512.png?fit=192%2C192
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
03d28202901a9e1c6f27223be022ad31abe40f31a7d75f92cd36895ec9d1b60f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains;preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-rq
hhn1 109 28 443
last-modified
Wed, 08 Dec 2021 17:00:34 GMT
server
nginx
etag
"4752fc4407bcd057"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3488
expires
Thu, 08 Dec 2022 17:00:34 GMT
universeheader3.png
github.blog/wp-content/uploads/2022/10/
1 MB
1 MB
Image
General
Full URL
https://github.blog/wp-content/uploads/2022/10/universeheader3.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ecec6215d897ff15df010bc611851cac22229eef36114299d6b9274ebff49099
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains;preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-rq
hhn1 109 28 443
last-modified
Wed, 09 Nov 2022 20:07:30 GMT
server
nginx
etag
"66abd4d1e6ecb28f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1245130
expires
Thu, 09 Nov 2023 20:07:30 GMT
universeheader4.png
github.blog/wp-content/uploads/2022/10/
1 MB
1 MB
Image
General
Full URL
https://github.blog/wp-content/uploads/2022/10/universeheader4.png
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
de156162d0cc6c5fd78d157aa1368bfc810770d00175c6f47f0b5cf640f2bd96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains;preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:39:27 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-rq
hhn1 109 139 443
last-modified
Wed, 09 Nov 2022 19:14:18 GMT
server
nginx
etag
"8f6fd65288329dc7"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1165858
expires
Thu, 09 Nov 2023 19:14:18 GMT
86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
profile-photos.hackerone-user-content.com/variants/4dvu0xq9iacojs2s7fgkd3pbu87f/
35 KB
35 KB
Image
General
Full URL
https://profile-photos.hackerone-user-content.com/variants/4dvu0xq9iacojs2s7fgkd3pbu87f/86bca9490b71a481329efc85de3a82a98f6c29475f4926fd2b5fc844b96899c0
Requested by
Host: 0dayfans.com
URL: https://0dayfans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9e00:4:4c7d:87c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2a8876047284ad49502caa5014e8d95470d8481230a0e3701ae04e2e73a37d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dayfans.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
6EjQ3tmJtuKns_ysXaTuszaqjdR7kj5e
date
Fri, 25 Nov 2022 08:38:00 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
223
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
35468
last-modified
Wed, 07 Sep 2022 11:04:43 GMT
server
AmazonS3
etag
"f037139350ae9a5f75c8849fdef01ee4"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
tw0YzrUzJ8VBPrXduUhpyBtQtu_r1bB5HY0NZWGdVqZShELMVnvRgA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssd-disclosure.com
URL
https://ssd-disclosure.com/wp-content/uploads/2020/01/OnlytheD-icon.png
Domain
portswigger.net
URL
https://portswigger.net/content/images/logos/favicon.ico

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
portswigger.net/ Name: AWSALBTGCORS
Value: AvNhO9Csj1APZ+v3LcG48tewOMNUrQMj2ZAHS2dlbf62IRm8EuD1EEHDUt4h4tVp9FRXTUFvWO8uZrBW1EOlWGX99q9PI0GJbzX3z5jqUzFndJZ+Lt0J7tqdzcE2pmSlMUE1ANw/oc2UV3m+IKSP01+1p1B5jnqieTPcqRz3DHQ1
portswigger.net/ Name: AWSALBAPP-0
Value: _remove_
portswigger.net/ Name: AWSALBAPP-1
Value: _remove_
portswigger.net/ Name: AWSALBAPP-2
Value: _remove_
portswigger.net/ Name: AWSALBAPP-3
Value: _remove_

2 Console Messages

Source Level URL
Text
network error URL: https://www.synacktiv.com/en/publications/sites/default/files/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://portswigger.net/content/images/logos/favicon.ico
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameSite

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
