gbhackers.com Open in urlscan Pro
172.67.165.236 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
Submission: On April 05 via manual (April 5th 2024, 9:32:44 am UTC) from IT — Scanned from IT

Summary HTTP 159 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 8 domains to perform 159 HTTP transactions. The main IP is 172.67.165.236, located in United States and belongs to CLOUDFLARENET, US. The main domain is gbhackers.com. The Cisco Umbrella rank of the primary domain is 454332.
TLS certificate: Issued by E1 on March 2nd 2024. Valid for: 3 months.

This is the only time gbhackers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::6815:22df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 45	172.67.165.236 172.67.165.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
37	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
7	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
42	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
159	15

1 2606:4700:3030::6815:22df (United States)

ASN13335 (CLOUDFLARENET, US)

gbhackers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 172.67.165.236 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

gbhackers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 11322	16 MB
46	gbhackers.com 3 redirects gbhackers.com — Cisco Umbrella Rank: 454332 staging.gbhackers.com Failed	873 KB
17	gstatic.com fonts.gstatic.com	470 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	11 KB
3	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 664	121 KB
3	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3579 www.linkedin.com — Cisco Umbrella Rank: 581	163 KB
3	wp.com stats.wp.com — Cisco Umbrella Rank: 2852 pixel.wp.com — Cisco Umbrella Rank: 2813	6 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115	189 KB
159	8

	Domain	Requested by
79	blogger.googleusercontent.com	gbhackers.com
46	gbhackers.com	3 redirects gbhackers.com
17	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	client gbhackers.com
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
2	www.linkedin.com	platform.linkedin.com
2	pagead2.googlesyndication.com	gbhackers.com pagead2.googlesyndication.com
2	stats.wp.com	gbhackers.com
1	pixel.wp.com
1	platform.linkedin.com	gbhackers.com
0	staging.gbhackers.com Failed	gbhackers.com
159	11

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.indusface.com
news.google.com
cybersecuritynews.com
trustifi.com
asec.ahnlab.com
go.cynet.com

Subject Issuer	Validity	Valid
gbhackers.com E1	`2024-03-02` - `2024-05-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-07-11` - `2024-07-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
Frame ID: 95EB69956A88034F0156B0EBC8E54B38
Requests: 168 HTTP requests in this frame

Frame: https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 85D8A4CBBA534F11A27B9D5A4EE0781C
Requests: 3 HTTP requests in this frame

Frame: https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 02DFEC033ECC2C81CBC8A044465C969A
Requests: 4 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=26628263&counter=bottom&xdOrigin=https%3A%2F%2Fgbhackers.com&xdChannel=440626ea-5476-426c-8ee8-b2a60280b1a7&xd_origin_host=https%3A%2F%2Fgbhackers.com
Frame ID: 8190B70B470E87B06A87A1D65ACC9EBC
Requests: 1 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=26628263&counter=bottom&xdOrigin=https%3A%2F%2Fgbhackers.com&xdChannel=440626ea-5476-426c-8ee8-b2a60280b1a7&xd_origin_host=https%3A%2F%2Fgbhackers.com
Frame ID: 4AC1033217E3DB3A22B52D09D3C2F5AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Urgent Security Alert! Hackers Hijacked Notepad++ Plugin

Page URL History Show full URLs

https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Page URL
https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

159
Requests

96 %
HTTPS

50 %
IPv6

8
Domains

11
Subdomains

15
IPs

2
Countries

18095 kB
Transfer

23207 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/gbhackers/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/gbhackers_news
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.indusface.com/web-application-firewall.php?utm_source=gbhackers-top-banner&utm_medium=ppc&utm_campaign=managed-waf-usd-99
Title: <img width="728" height="90" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz4CD0Q4OzZn9OQtPUWOL5oAOyAPjFJuf_7OAdaq_SucoQ23W6lBaEC3598TNQKcf4kTuaR9jowkE1EQnnDuxwQ9KqvLEZc2u185ER9y9F_SuFiKTNHsA-A4l-w8pTXMGEckxmYgdKMyaqPTvOHbRbO7Kk2F5O6bQNv8FqTDXZyTrIU6h1JJc-7f48NVOL/s16000/Managed%20WAF%20-%20728x90.png">

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqKAgKIiJDQklTRXdnTWFnOEtEV2RpYUdGamEyVnljeTVqYjIwb0FBUAE?hl=en-IN&gl=IN&ceid=IN%3Aen
Title: <img width="100" height="50" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig8zaHB0FTKlmRZVt0d5XaaccsF_jbtXdlbA5eo4Zti-zsRfW-3tpEeHVNnKh7TYK4jMNNUQ-dQgOpQYc4uKme2BwCAGN8yIYKpiafBaLILOZevcg3U2jxj4A6zUfRU4unv2GmfgqVbUYfR7ejrmWkn6q999akECnuVZ5dt81r-y8ZTLwd9io5zH3koNTA/s1600/Google%20news%20%20blue.png">

Search URL Search Domain Scan URL

URL: https://cybersecuritynews.com/multiple-notepad-flaw/
Title: Notepad++

Search URL Search Domain Scan URL

URL: https://trustifi.com/request-a-demo/?utm_source=cybersecuritynews&utm_medium=Banner&utm_campaign=CyberSecuritynews&utm_id=cybersecuritynewshttps://trustifi.com/request-a-demo/?utm_source=cybersecuritynews&utm_medium=Banner&utm_campaign=CyberSecuritynews&utm_id=cybersecuritynews
Title: Run Free Threat Scan

Search URL Search Domain Scan URL

URL: https://asec.ahnlab.com/ko/63738/
Title: revealed

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cybersecurity-news/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/The_Cyber_News
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.indusface.com/web-application-firewall.php?utm_source=gbhackers-banner&utm_medium=ppc&utm_campaign=managed-waf-usd-99
Title: Managed WAF Protection

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/gurubaran-cyberwrites/

Search URL Search Domain Scan URL

URL: https://go.cynet.com/top-3-sme-attack-vectors
Title: Book Your Spot

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Page URL
https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Request Chain 84

https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Request Chain 89

https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

159 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ 534 KB
65 KB 355ms
300ms Document
text/html 2606:4700:3030::6815:22df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:22df , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

044b9004e46220784d44a6895d065bbb35c6d2670f78864028f5772d36a435d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: it-IT,it;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86f888274fd2ba83-MXP
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Fri, 05 Apr 2024 09:32:36 GMT
link: <https://gbhackers.com/wp-json/>; rel="https://api.w.org/" <https://gbhackers.com/wp-json/wp/v2/posts/86968>; rel="alternate"; type="application/json" <https://gbhackers.com/?p=86968>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzpCRtOgye%2Bzg%2FnAfLa7tj2BIzz%2B7rDFacrPs6FWdqv5Z9hwcyzndO2TEngI77Yj7WVXMNnR9SjR%2FoELqRODstsCiDZjhKUif2OmgGZZfTVr1Vt1CNkEhWgn%2FU%2Bkrh%2B2IsVDWhBrSMnfqGr%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-pingback: https://gbhackers.com/xmlrpc.php
x-turbo-charged-by: LiteSpeed

GET
H3 200 06a84a3aa84af4816e2e1651093f1846.css
gbhackers.com/wp-content/litespeed/css/ 1 MB
142 KB 65ms
64ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/06a84a3aa84af4816e2e1651093f1846.css?ver=43da6

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

475e323ad43e724edb8dc1e858f32be570f2d5a512258c946b1e77cb3e229bca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:36 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6714
cf-polished: origSize=1121157
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 05 Apr 2024 07:40:04 GMT
server: cloudflare
etag: W/"111b85-660faad4-375df5554d363101;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ArbJUjKFZnyUqf0iV%2FwZ4W7E6R00jZD1JpdHbzdtaKAa42rym8xD%2F8AmZ8e6Fq3S23Vj6u0zXxcF4fE1fMNIuElLC2ebr6D0JtpXGLQLXY6SK%2FMReu3sqOLWGFLNEEa"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f88829499e2a63-CDG
expires: Sat, 05 Apr 2025 13:40:42 GMT

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98a9871b1d3a0a44ad7e7de96d6af7a365c9c86f7524358189169ba2724ed6a4

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d49a8f03d0407fedabe49d6db487ad62e4d387c595bcf2a88b623de11fa0e1

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adb65669c9ada12a5c7a102979d8bf26cb39baeb296e836bc06ea6f0c8ed4f4f

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css2
fonts.googleapis.com/ 781 B
459 B 99ms
34ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 09:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 08:20:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 09:32:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 97ms
33ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fdafe9fde8079e642543015edef9f6d7280f857b2e85a1d44c70814e9dc4239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 09:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 09:32:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 09:32:36 GMT

GET
H3 200 rocket-loader.min.js Show response
gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 76ms
75ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnAOXMp5UsRhpgN7WpVuq1NBiqqB6NxnYO3rskOTVTknhSsomum4eU%2BUYU%2FX%2FWu%2Bu258qecj0pKPrM%2BuHqVfRCNuEmrryFwdaoT9DWl4hMQLcHb%2FZoX8imaIL%2FaEn3d9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86f8882a1b4b2a63-CDG
expires: Sun, 07 Apr 2024 09:32:36 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5542c4510ca401b310518148c408ba1c52a97e35ac3a0dde456230b6894a6ed

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f5051a07adfe84961a249a56d110337dc4eb55ea2658717428ce56568040ef4

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 email-decode.min.js Show response
gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 73ms
73ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxF6sn9T2qaNFkiUMngewXB%2FD6cbzWQyy%2BDC12T%2Fld31Buva2Vs6MQbTDb0BsOfthdpAooUTuUe8M98hms82EtzsqPzLTAdt8Bq35gRFomGmbzeJc7NEsvgmELRyadJ9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86f8882a2b5a2a63-CDG
expires: Sun, 07 Apr 2024 09:32:36 GMT

GET 2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg
staging.gbhackers.com/wp-content/uploads/2023/08/ 0
0

GET
H3 200 newspaper.woff
gbhackers.com/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 57ms
57ms Font
font/woff 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?221

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/06a84a3aa84af4816e2e1651093f1846.css?ver=43da6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/wp-content/litespeed/css/06a84a3aa84af4816e2e1651093f1846.css?ver=43da6
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:36 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2127244
alt-svc: h3=":443"; ma=86400
content-length: 33488
last-modified: Fri, 11 Aug 2023 11:01:29 GMT
server: cloudflare
etag: "82d0-64d61509-93ce23cc59205ee5;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sbhOOTlzGnxyKJAjxVXeLQ2BvfqlQQqjETsC7xzJCyGHLbdZd9Apl2OsInjYTyE0232EUPYyWrV48ztkEmS8PifHhHxwIIerjtiuyj5AiB%2FsPwPK6PuJd%2BkN%2B3GNKSBY"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f8882adc382a63-CDG
expires: Wed, 12 Mar 2025 00:38:31 GMT

GET
H3 200 fontawesome-webfont.woff2
gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 75 KB
76 KB 55ms
55ms Font
font/woff2 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/06a84a3aa84af4816e2e1651093f1846.css?ver=43da6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/wp-content/litespeed/css/06a84a3aa84af4816e2e1651093f1846.css?ver=43da6
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:36 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2124829
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Fri, 11 Aug 2023 11:01:47 GMT
server: cloudflare
etag: "12d68-64d6151b-8994aa5bb479bd34;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GM6q8pW5QI%2FvIoSHyQs%2FldfXLL5DuonTZu0lO2eUhhjuVbNYjggQpnZiCs%2FdzTvaBSUMdMbvfYG897ZWUy6yR5Qx26kDJC70QhqabZ71o%2BH829hig8RXMmjGhD9LRe7"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f8882adc3a2a63-CDG
expires: Wed, 12 Mar 2025 01:18:47 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 98ms
28ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 07:42:03 GMT
x-content-type-options: nosniff
age: 525034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 07:42:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 88ms
31ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 04:10:19 GMT
x-content-type-options: nosniff
age: 278538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 04:10:19 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b737bbcb918222a6ed12201a36fb3770107c3b7f24e939ecced9088d12709e31

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b1748d8cea8b7f3eeace07cef59dfb618e116d46b2a1bd8cdab1bdbcf716590

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37552f69514fecd835ff9c729be34b76f064fd722ce5bdeea316015fde5ac027

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 e-202414.js Show response
stats.wp.com/ 7 KB
3 KB 54ms
15ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202414.js
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT mxp
date: Fri, 05 Apr 2024 09:32:37 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356565.5398
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Mar 2025 08:42:57 GMT

GET
H3 200 instant_click.min.js Show response
gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
2 KB 59ms
59ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=6.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1670841
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 17 Mar 2024 01:20:47 GMT
server: cloudflare
etag: W/"e63-65f6456f-f9e733c39fd6855e;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FhIYHuugpjk9Vjp4%2F7U4aKmXlNs1RhK1cwaJf5smEqyDtHGoGJYmr1x7dA4q9LWCcGcBCa4f1C6TQ1iDv2ZjmitXAh7DnIigzvE0nWPACwW3D%2BZEx9EvGcgN4IG1dhmQ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882c5e032a63-CDG
expires: Mon, 17 Mar 2025 07:25:16 GMT

GET
H3

200

main.js Show response
gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 85D8
Redirect Chain

https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

58ms
58ms

Script
application/javascript

172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Protocol

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56ace8c687c483fb59812152c9e50034deb2d1ecf740a3c9c0382755602db0b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JrOZsBDgxJ3sN%2FRPZ%2F21%2FQsIurvZto4LUeeAJj2m4OfI8xBGQlptOSB1KRC2Sn2iD6DUO3MP25LXmNeufW%2FhxOknQmuuBwfLb%2Bn357ZrjBwwXVJrNBztUrjqu%2FNKv7TH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86f8882cbe762a63-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 05 Apr 2024 09:32:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kVj2mJfJFr4V8wYRMp6w8DjOhaPd9aJoGAqtZLstX%2BO30MLp%2FBG8xgX42YKMB7SDniRcoPf7O2lw4IXxGdOG8v2LB6gnzu3vtIpWC7i5mCG80OikLss5so1AIL4jmwzx"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 86f8882c5e062a63-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 guest.vary.php
gbhackers.com/wp-content/plugins/litespeed-cache/ 16 B
669 B 202ms
202ms Fetch
text/html 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/litespeed-cache/guest.vary.php

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-litespeed-cache-control: no-cache
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SlaqWEaLeaTfJbdU11WWuIqmfmv08f3RR%2BAykO2oWgJhJY0SZ3Yzi19YfznZqISh7Qaj9zEzx%2B102Ao7PBsMQAvXKmVGxvPqs5K9cVgeFXURqPdrovDOiTLO5CA43p5i"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 86f8882c6e0d2a63-CDG

GET
H3 200 GBH-Logok.jpeg
gbhackers.com/wp-content/uploads/2023/10/ 2 KB
3 KB 57ms
57ms Other
image/jpeg 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/uploads/2023/10/GBH-Logok.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcbde902aeee47576a8c295bd6fe410dbf7d0c528c811d5d45cb681ce4948620

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2135571
alt-svc: h3=":443"; ma=86400
content-length: 2470
last-modified: Sun, 15 Oct 2023 04:31:09 GMT
server: cloudflare
etag: "9a6-652b6b0d-9da0749efacedf20;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBa8LDk9TJ1xyB7YMX9njKUrxHA4M1AOC%2B%2FYWa4zuAGivDT7optXMYToryepS7Al4D7qY8s3r33KKMSiAevvzMHG2kFSkI3VgikifB6NjxEd1ZhVExe9dKeMtGvNvR0n"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f8882c8e2c2a63-CDG
expires: Tue, 11 Mar 2025 22:19:46 GMT

GET
H3 200 GBHackers-On-Security-272-x-90-px-322-x-50-px-422-x-50-px.png
gbhackers.com/wp-content/uploads/2023/08/ 10 KB
11 KB 69ms
68ms Image
image/png 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbhackers.com/wp-content/uploads/2023/08/GBHackers-On-Security-272-x-90-px-322-x-50-px-422-x-50-px.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc4360c0a29af7e975e2ad9dc76f951e49628535a6de8003b5675d428e353c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2126946
alt-svc: h3=":443"; ma=86400
content-length: 10504
last-modified: Sat, 16 Sep 2023 05:39:29 GMT
server: cloudflare
etag: "2908-65053f91-b289ce6b35e4e18e;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFWnUKIsPlaR0CkTqfCSZ8LUAddwheNCJzMdz7Wxvi%2BnKFDO3qL6GH5h2IlGmdRyuOdmr3r19wZfChbE8N9WvPiuCDEa6CO%2BhOTFTX%2BMcPxYbFMjGOt9p%2BM5LKwl1bUR"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f8882ceea02a63-CDG
expires: Wed, 12 Mar 2025 00:43:31 GMT

GET
H2 200 Managed%20WAF%20-%20728x90.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz4CD0Q4OzZn9OQtPUWOL5oAOyAPjFJuf_7OAdaq_SucoQ23W6lBaEC3598TNQKcf4kTuaR9jowkE1EQnnDuxwQ9KqvLEZc2u185ER9y9F_SuFiKTNHsA-A4l-w8pTXMGEckxmYgdKMyaqPTvO... 21 KB
22 KB 282ms
174ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz4CD0Q4OzZn9OQtPUWOL5oAOyAPjFJuf_7OAdaq_SucoQ23W6lBaEC3598TNQKcf4kTuaR9jowkE1EQnnDuxwQ9KqvLEZc2u185ER9y9F_SuFiKTNHsA-A4l-w8pTXMGEckxmYgdKMyaqPTvOHbRbO7Kk2F5O6bQNv8FqTDXZyTrIU6h1JJc-7f48NVOL/s16000/Managed%20WAF%20-%20728x90.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v5de7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Managed WAF - 728x90.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21973
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:37 GMT

GET
H2 200 Google%20news%20%20blue.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig8zaHB0FTKlmRZVt0d5XaaccsF_jbtXdlbA5eo4Zti-zsRfW-3tpEeHVNnKh7TYK4jMNNUQ-dQgOpQYc4uKme2BwCAGN8yIYKpiafBaLILOZevcg3U2jxj4A6zUfRU4unv2GmfgqVbUYfR7ej... 4 KB
4 KB 299ms
192ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig8zaHB0FTKlmRZVt0d5XaaccsF_jbtXdlbA5eo4Zti-zsRfW-3tpEeHVNnKh7TYK4jMNNUQ-dQgOpQYc4uKme2BwCAGN8yIYKpiafBaLILOZevcg3U2jxj4A6zUfRU4unv2GmfgqVbUYfR7ejrmWkn6q999akECnuVZ5dt81r-y8ZTLwd9io5zH3koNTA/s1600/Google%20news%20%20blue.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v5abc"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Google news blue.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3620
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:37 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEho_gsNlijzqZxwRKEc5IHKMZa9WruDNsmZCrFJQd3lKsJ_f2P2t1eJh2rAlOziFvl0iaBPjj0kZTqo2Dtqi8Fgsh7sfRaCjM_DXimCK57JPLREzksyUZy_JX9pJr6LytdOG_9VEN52eYIqZ4UK... 211 KB
0 372ms
265ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEho_gsNlijzqZxwRKEc5IHKMZa9WruDNsmZCrFJQd3lKsJ_f2P2t1eJh2rAlOziFvl0iaBPjj0kZTqo2Dtqi8Fgsh7sfRaCjM_DXimCK57JPLREzksyUZy_JX9pJr6LytdOG_9VEN52eYIqZ4UKQWCK_WIBxNwAIEyNcbqsMuUIiZuirfl4_GrkxT3DDx5A/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v6136"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Hijacked Notepad++ Plugin.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580553
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:37 GMT

GET
H2 200 notepad++%20comparison.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNTnLIvU1afvogqugB1LOO24xDgIUGZtx1rVe3U-BIUxsdRlDHIPrcP2-TyAULIXywHgy_-D5Jwt40Rj7A8Yaw3he3iu4xH86EVwY4ldPnGo6p_21Fq8NrFA6d2-wj9idO08TBum3mB7Z3004r... 255 KB
0 332ms
226ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNTnLIvU1afvogqugB1LOO24xDgIUGZtx1rVe3U-BIUxsdRlDHIPrcP2-TyAULIXywHgy_-D5Jwt40Rj7A8Yaw3he3iu4xH86EVwY4ldPnGo6p_21Fq8NrFA6d2-wj9idO08TBum3mB7Z3004rZAOKMRJEjlS4lXF1wfxrzBd2K3AoHpQUo6prC-zosT12/s16000/notepad++%20comparison.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v612e"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="notepad++ comparison.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 607790
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:37 GMT

GET
H2 200 gbhackers-waf-banner-300x600.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggxrET8rL53qWvxNg0ojgbDwhKZUmlLqGRzzfXePO67o4NYLh0rAXrh94aQcN0k8EB1cge5SlSrZ42GgQgjwsxqYAEkfzyYPTOtaQzOjdx4grNJfxFnnp7ei-h6DN35p1Jx3I6LKIO33fXMa31... 173 KB
173 KB 304ms
198ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggxrET8rL53qWvxNg0ojgbDwhKZUmlLqGRzzfXePO67o4NYLh0rAXrh94aQcN0k8EB1cge5SlSrZ42GgQgjwsxqYAEkfzyYPTOtaQzOjdx4grNJfxFnnp7ei-h6DN35p1Jx3I6LKIO33fXMa31b1WDSmqshyN3cEpkEprhl3kNt-zagtkffvumEVFf4tkD/s16000/gbhackers-waf-banner-300x600.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v58cb"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gbhackers-waf-banner-300x600.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176872
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:37 GMT

POST
H3 200 86f888274fd2ba83
gbhackers.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 85D8 0
582 B 69ms
66ms XHR
text/plain 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/cdn-cgi/challenge-platform/h/b/jsd/r/86f888274fd2ba83
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=blR1t8IPJzgm6jRw0mioAq4uf9ofHLy%2FnfWbKK3zLZpRSQwgYMNkCLI%2Bl98o7Of%2B1%2BN849OYDFhbXp9SYbBmUAFpklGvj8OlGT2d5EwmRTkgd2mHJk36KR3DZzEgUF5d"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86f8882d7f062a63-CDG
alt-svc: h3=":443"; ma=86400

POST
H3 200 86f888274fd2ba83
gbhackers.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 85D8 0
579 B 64ms
61ms XHR
text/plain 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/cdn-cgi/challenge-platform/h/b/jsd/r/86f888274fd2ba83
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nhr39BFG1B8Tp5ixrBmfMl0C2Kc8GtboUGnqQ%2BsQM5xWntZbQW%2FYHwcP0%2B5Wn3lPEX18YqwUPNpOuReypj3REnbAIPTWPnXpOWvOG3KM7fTbrEfKt5ibN95rtMqoh9lt"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86f8882dcf7a2a63-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request / Show response
gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ 541 KB
66 KB 295ms
294ms Document
text/html 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6a516cf3cb5a08c5e453a990e1b850b1973935e6cf161643c51fb0a16a68fc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: it-IT,it;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86f8882ddf802a63-CDG
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Fri, 05 Apr 2024 09:32:37 GMT
link: <https://gbhackers.com/wp-json/>; rel="https://api.w.org/" <https://gbhackers.com/wp-json/wp/v2/posts/86968>; rel="alternate"; type="application/json" <https://gbhackers.com/?p=86968>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMgww64Jv%2FaodWa6LTYpHm1zQlkgTfoj09J80zxfQINx08rlplb4O8LreUxXpgNIUgM%2BdJgi7NYA61ZNtEO7aNT5H9wIXOPWFXprg7POYCMpbOUtKP0Gsvh8m7Gsk4hc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-pingback: https://gbhackers.com/xmlrpc.php
x-turbo-charged-by: LiteSpeed

GET
H3 200 b07551821deafed18860688967539e97.css
gbhackers.com/wp-content/litespeed/css/ 111 KB
15 KB 67ms
66ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/b07551821deafed18860688967539e97.css?ver=d9820

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b050b8c4f4888f7d333857203194247a00771e29743c2754397f8f40453303

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189565
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 03 Apr 2024 04:53:10 GMT
server: cloudflare
etag: W/"1b9de-660ce0b6-386f6b93a09c5fd4;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UdGWHKRCFYUx57fV%2B0P36OpqCBr%2BAk2ilonKADWFD9pRAR3Jzhj1eeZtyxfdN1DMOR8bgTur3YSyeLBfl5JoRKobhOJnx0z9u46vjw%2BqkaUaInoILE6DH33md3BdoH97"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb9892a63-CDG
expires: Thu, 03 Apr 2025 10:53:12 GMT

GET
H3 200 7a094d7f8e2c386f14fee69e7794002b.css
gbhackers.com/wp-content/litespeed/css/ 11 KB
3 KB 62ms
61ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/7a094d7f8e2c386f14fee69e7794002b.css?ver=6a393

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2129951
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 17:52:03 GMT
server: cloudflare
etag: W/"2c47-65ef44c3-3ccbc9909ffa9aec;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YLJKG5QCSjdpBGNlPmrRdfxR949gb1RX1CMX0Dx5VD95AV4vMrKeEcrAVgERl1DdI3WgZdVE6vWP8m8aW6RLM8C%2FfprlY0w7QJgN8TPmxaQkiQeO3caVZE21XltVD7Te"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb98d2a63-CDG
expires: Tue, 11 Mar 2025 23:53:26 GMT

GET
H3 200 3bf9892e971db026ebc7f0a5a5050d05.css
gbhackers.com/wp-content/litespeed/css/ 4 KB
2 KB 62ms
61ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/3bf9892e971db026ebc7f0a5a5050d05.css?ver=119c6

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189565
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 03 Apr 2024 04:53:10 GMT
server: cloudflare
etag: W/"105a-660ce0b6-dd84b3439ce4b428;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVoWWBPRbnierEV43mWV%2FpOc90PeJ8dEZyzQid0WhC0oKESB5GWIWnxZFVZodbhqChGU532WF%2FiagKnqJ3MSKS9yIX125ZFAW5IPASWfjO0vNGpn%2F3V3GfygoQGMh%2BRy"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb98f2a63-CDG
expires: Thu, 03 Apr 2025 10:53:12 GMT

GET
H3 200 b76acefd1f0a6b0d32407291bad2eeac.css
gbhackers.com/wp-content/litespeed/css/ 5 KB
2 KB 64ms
62ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/b76acefd1f0a6b0d32407291bad2eeac.css?ver=82142

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fda5ff8910b86411087b7c4c614e66b41eea77a892c9e816840f46c5fb8e9d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2129951
cf-polished: origSize=5456
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 17:52:03 GMT
server: cloudflare
etag: W/"1550-65ef44c3-b488e93676b412f9;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MT%2BvYi2%2B7o%2F0mQbM2Bo0fxwYYJt95xyPbKvgoxXcvfUctAd3cP23Cpr6esuv2nkPOtgKbP7GsguloQMwk%2FTBhjGm4nP1SrcHMWMsI%2BOpAcreDhHUbZtb7hpTHTr2bi3h"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb9932a63-CDG
expires: Tue, 11 Mar 2025 23:53:26 GMT

GET
H3 200 c31f820e1c0ed5aeebb8bb3728e10ace.css
gbhackers.com/wp-content/litespeed/css/ 34 KB
5 KB 64ms
63ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/c31f820e1c0ed5aeebb8bb3728e10ace.css?ver=3b17e

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73f5ed5132b2f16e83906cdafeb4b12d5d047e7474527c9020df0312df6ba816

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2135571
cf-polished: origSize=35311
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 16:19:35 GMT
server: cloudflare
etag: W/"89ef-65ef2f17-46de7bce81708307;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNnw5vTaxfX4jd%2F173uskKV29mJsc%2Fioe2P91GQMiAsem1isBEWStvuDN5T0iamaKDEi%2BrgGAqgzrmKjb%2FfA2NLgYX7QjxGIkwKmM8t86jXU5HfMjIoBkStI20m94w2%2F"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb9942a63-CDG
expires: Tue, 11 Mar 2025 22:19:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 41 KB
3 KB 37ms
35ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPoppins%3A500%2C600%2C700%2C400%7CNiramit%3A500%2C400%7CRubik%3A500%2C400%7CRed+Hat+Display%3A400%7CSpace+Grotesk%3A700%2C400%7CMontserrat%3A700%2C400&display=swap&ver=12.5.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e31bf40318fce87f5b8a8999365af943e10bc5bd4be28a822fc5bc35df475c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 09:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 09:32:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 09:32:37 GMT

GET
H3 200 c6a1c558f9599505e674dc121522b8d2.css
gbhackers.com/wp-content/litespeed/css/ 35 KB
7 KB 74ms
73ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/c6a1c558f9599505e674dc121522b8d2.css?ver=a567c

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb978b753755834b23783cb48a512f099cee571a35418efdac64ed162049617d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 765988
cf-polished: origSize=35637
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Mar 2024 12:46:07 GMT
server: cloudflare
etag: W/"8b35-6604150f-63f22a6a782e8e8b;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7%2Fpi1wr95dpKTXOqFdkd8KkeECcuTB7lzPmmB6W2Jk6ZxdVdbPwa02XBSLlfT4vsrwCDthqsVSDtRCRgBQoTnt1sBtsid3z21eMdi%2BVKqCTW2SIBfkc3Hr8kWpWKk9Q"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb9962a63-CDG
expires: Thu, 27 Mar 2025 18:46:09 GMT

GET
H3 200 3634cf0217589f9ac478a28ad0aa8ec4.css
gbhackers.com/wp-content/litespeed/css/ 107 KB
21 KB 67ms
66ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=c045b

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4a37cd111f96d393d31dcba0f281b16903bf1a7b7c916aab33a5bdd198ae890

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2127242
cf-polished: origSize=109713
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 18:38:22 GMT
server: cloudflare
etag: W/"1ac91-65ef4f9e-c6b7dddf43e1e421;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oR3a0rtWARM%2BAa9RmQ%2F0%2FfyDOTJjx1foexqLzCQQy%2F9jA9c9i4WxKOH8JU0vTFCDzvWfXWpa3LW%2FLKegq1K9y6FX28U56GXQ2bf8kE3TeWDYfjI%2FcK1jLi%2FKqFZcr6Kw"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb9982a63-CDG
expires: Wed, 12 Mar 2025 00:38:34 GMT

GET
H3 200 568c797d9a70722a4d648f956f12702e.css
gbhackers.com/wp-content/litespeed/css/ 133 KB
22 KB 66ms
65ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/568c797d9a70722a4d648f956f12702e.css?ver=d3a0a

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

046717d70366ca33bb3789d121ca3e84583e66c783b6dd879da77994cc77a16d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2135571
cf-polished: origSize=136923
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 16:19:35 GMT
server: cloudflare
etag: W/"216db-65ef2f17-3a62af7c2954106f;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOZR%2FUFCDOs4D3Y253GNk6vdswliugbD4PkC%2F0%2Bx%2B%2FOZCxU%2Be5rfvqwo0ZGItx%2BwJ%2BE6Uk8enGH4vVp3dhZSo18b9aOz0LDybIbnYB8Tf8eO7tDffuFy6QOk1ObtakoO"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb9992a63-CDG
expires: Tue, 11 Mar 2025 22:19:46 GMT

GET
H3 200 2e97590493d4e9d98dbf42dad3a70813.css
gbhackers.com/wp-content/litespeed/css/ 514 KB
50 KB 75ms
75ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/2e97590493d4e9d98dbf42dad3a70813.css?ver=fcb5c

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fcf6fe53e66f96bcb2ea0880cd46f587d94cb50ce0eeae6782c27a406ad18b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2129951
cf-polished: origSize=527968
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 17:52:04 GMT
server: cloudflare
etag: W/"80e60-65ef44c4-748585707a0998e5;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cS9XCLPVfUuoisIA5tNhFTV1SdUmh4HHEo1CH5ptGkinRPjUiE%2FcgcOgIY9%2BgnFNtdtwoxvYKY51QTH5GbuLgc26HhsnPrGfin6U0jIZ68TbmVYxPILDUinK2i2My5nJ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb99a2a63-CDG
expires: Tue, 11 Mar 2025 23:53:26 GMT

GET
H3 200 d70781104619c8043391f015873e7343.css
gbhackers.com/wp-content/litespeed/css/ 41 KB
8 KB 68ms
67ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/d70781104619c8043391f015873e7343.css?ver=a7f45

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5a19169357b9ffe3b21c07af6a32d873741ae7b3f9755657d9b5cde2c3b145c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 765988
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Mar 2024 12:46:08 GMT
server: cloudflare
etag: W/"9fc9-66041510-45d18116543acaa0;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5ttxIDW8FaPriX59mAyhVrVuMkDv44lDpaHAOExdwOAM%2FdfkNxiAqDWkOsZcYN56CdZLbB%2F34cfJUdTnuFadTXwNUG%2BLIs8bgdKPveRlQ%2BbcJxdVeSxadT84oMzphK%2B"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb99c2a63-CDG
expires: Thu, 27 Mar 2025 18:46:09 GMT

GET
H3 200 424c40e3a95ada4a10614e2f5bae8fbd.css
gbhackers.com/wp-content/litespeed/css/ 98 KB
19 KB 68ms
68ms Stylesheet
text/css 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/424c40e3a95ada4a10614e2f5bae8fbd.css?ver=ba3a6

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebeb638f6380a3fa66e608729ebc1c3465ca44015908222c0722e81502261cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2135571
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 16:19:35 GMT
server: cloudflare
etag: W/"188fd-65ef2f17-627ad9ec0dca6e5e;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Cz4lWunNqVnUCFiOvuiKa6uK72EPcbhXxZwjGHgUE1St6sCac3KXRiwtSdHvuA1%2FB%2FiO6wU6tXI3lWjrnZK8gIxSZxS6Y0Z9ix%2BVH6L9UQS4fMqw5Nn1fBiibf3XVEX"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f8882fb99f2a63-CDG
expires: Tue, 11 Mar 2025 22:19:46 GMT

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98a9871b1d3a0a44ad7e7de96d6af7a365c9c86f7524358189169ba2724ed6a4

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d49a8f03d0407fedabe49d6db487ad62e4d387c595bcf2a88b623de11fa0e1

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adb65669c9ada12a5c7a102979d8bf26cb39baeb296e836bc06ea6f0c8ed4f4f

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5542c4510ca401b310518148c408ba1c52a97e35ac3a0dde456230b6894a6ed

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css2
fonts.googleapis.com/ 781 B
386 B 36ms
36ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 09:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 07:36:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 09:32:37 GMT

GET
H3 200 css2
fonts.googleapis.com/ 3 KB
665 B 35ms
34ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

5fdafe9fde8079e642543015edef9f6d7280f857b2e85a1d44c70814e9dc4239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 09:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 09:32:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 09:32:37 GMT

GET
H3 200 rocket-loader.min.js Show response
gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 50ms
49ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2BOSLb4Fpa3VQEq%2F0ndkIXgycKADLYbjPQO80cs5SYFeHztbmbkigFDgRlkXkFnNdswL%2F2fcUU5WKUJwGJldyuZeFgsCTbf%2BVgsqOkFyc4szv96PnnGiJZlF23OF9UI7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86f888308a6f2a63-CDG
expires: Sun, 07 Apr 2024 09:32:37 GMT

GET
H3 200 email-decode.min.js Show response
gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 51ms
50ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64ll0R8i0J3TxvkE7pB%2Fc%2FqBRX5WhqpnhY2GqTZYLgOobo5%2FO0H94YM3A5mgc19iy53Sqwiy8c%2F2Ysv3wtJZJ2vG4fS8RPThtJLxS%2BHVpELFEPHvUGOSUzfcfUFU09Cp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86f888308a722a63-CDG
expires: Sun, 07 Apr 2024 09:32:37 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f5051a07adfe84961a249a56d110337dc4eb55ea2658717428ce56568040ef4

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET 2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg
staging.gbhackers.com/wp-content/uploads/2023/08/ 0
0

GET
H3 200 newspaper.woff
gbhackers.com/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 58ms
57ms Font
font/woff 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?221

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=c045b

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=c045b
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2127245
alt-svc: h3=":443"; ma=86400
content-length: 33488
last-modified: Fri, 11 Aug 2023 11:01:29 GMT
server: cloudflare
etag: "82d0-64d61509-93ce23cc59205ee5;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1CXhmUFg4hKSYNDOuQACc4fdxG5fqe%2BRpOtAAs%2BqkX9YRbldj2SIWDY82M1AC%2BAOzT5VGOGFkI0jzRfHXYUnsGc3nzo6LlVBC4Pjxoae4n83yNF0I1yWfop1k7VsxJqG"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f88830ba9e2a63-CDG
expires: Wed, 12 Mar 2025 00:38:31 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 66ms
64ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPoppins%3A500%2C600%2C700%2C400%7CNiramit%3A500%2C400%7CRubik%3A500%2C400%7CRed+Hat+Display%3A400%7CSpace+Grotesk%3A700%2C400%7CMontserrat%3A700%2C400&display=swap&ver=12.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 01:53:25 GMT
x-content-type-options: nosniff
age: 545952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 01:53:25 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 61ms
60ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 04:02:19 GMT
x-content-type-options: nosniff
age: 538218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 04:02:19 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 290504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 00:50:53 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 68ms
67ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 04:48:30 GMT
x-content-type-options: nosniff
age: 276247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 04:48:30 GMT

GET
H3 200 fontawesome-webfont.woff2
gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 75 KB
76 KB 58ms
57ms Font
font/woff2 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/c6a1c558f9599505e674dc121522b8d2.css?ver=a567c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/wp-content/litespeed/css/c6a1c558f9599505e674dc121522b8d2.css?ver=a567c
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:37 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2124830
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Fri, 11 Aug 2023 11:01:47 GMT
server: cloudflare
etag: "12d68-64d6151b-8994aa5bb479bd34;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66nM6TjwRewYVG7YezBYHHQYqLE1wgck0T5huGs3rXpFX8tPqlV0%2Fcvm6QNBiotHDjIONguuSXqGBn6Sc25ELBoChmkssY2yGy5P8CydhsEUJw%2B%2F8r%2BbDDLVHFg2pj%2F8"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f88830baa22a63-CDG
expires: Wed, 12 Mar 2025 01:18:47 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:56:42 GMT
x-content-type-options: nosniff
age: 513355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 10:56:42 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 07:42:03 GMT
x-content-type-options: nosniff
age: 525034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 07:42:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 72ms
72ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 04:10:19 GMT
x-content-type-options: nosniff
age: 278538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 04:10:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 77ms
76ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 07:26:17 GMT
x-content-type-options: nosniff
age: 525980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 07:26:17 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b737bbcb918222a6ed12201a36fb3770107c3b7f24e939ecced9088d12709e31

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b1748d8cea8b7f3eeace07cef59dfb618e116d46b2a1bd8cdab1bdbcf716590

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37552f69514fecd835ff9c729be34b76f064fd722ce5bdeea316015fde5ac027

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 37ms
36ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:17:56 GMT
x-content-type-options: nosniff
age: 288882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 01:17:56 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 40ms
40ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 06:41:12 GMT
x-content-type-options: nosniff
age: 269486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 06:41:12 GMT

GET
H3 200 8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbmyWQk8z-A.woff2
fonts.gstatic.com/s/redhatdisplay/v19/ 13 KB
13 KB 41ms
41ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhatdisplay/v19/8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbmyWQk8z-A.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

d32442891dcae36d8ca84ef307be3534ec1bb25f0b72a290446e50560a877692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 21:36:10 GMT
x-content-type-options: nosniff
age: 302188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12908
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:53:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Apr 2025 21:36:10 GMT

GET
H3 200 V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
fonts.gstatic.com/s/spacegrotesk/v16/ 22 KB
22 KB 30ms
29ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spacegrotesk/v16/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 16:11:32 GMT
x-content-type-options: nosniff
age: 494466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22284
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:44:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 16:11:32 GMT

GET
H3 200 948ee26f370f8f0ca7d5290060ea7d42.js Show response
gbhackers.com/wp-content/litespeed/js/ 201 KB
48 KB 69ms
68ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/948ee26f370f8f0ca7d5290060ea7d42.js?ver=09a31

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ea33bb1565c64b033be9f6e65ebeff13d03459f6d8d3fe0568cf14913b74bcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2127243
cf-polished: origSize=206104
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 18:38:23 GMT
server: cloudflare
etag: W/"32518-65ef4f9f-d69f4e490c7eed84;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WVhfx4b35ZAe26PLAtKovTpmokY1OtMeMw8nOvEJcj4Oo3hF%2BTSA%2BxI2%2BQbjRcGqXyuJ39I1RrePq7UrCrgZfx5G0e5HcDuyM4spP8kGUd%2F%2BtnLXYFmsbYab8rDRxYdU"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f88831fbd42a63-CDG
expires: Wed, 12 Mar 2025 00:38:35 GMT

GET
H2 200 e-202414.js Show response
stats.wp.com/ 7 KB
3 KB 16ms
16ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202414.js
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT mxp
date: Fri, 05 Apr 2024 09:32:38 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356565.5398
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Mar 2025 08:42:57 GMT

GET
H3 200 instant_click.min.js Show response
gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
2 KB 61ms
61ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=6.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1670842
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 17 Mar 2024 01:20:47 GMT
server: cloudflare
etag: W/"e63-65f6456f-f9e733c39fd6855e;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sxxmo37qqzpceJ6yyxo1Lpl4g6O88Tb3m1TTfvU%2B%2FyEB%2FOrWtF4BPfRvwMyIoOgUKq1zRoIhemGiBmY8lpLjgwLWcmtYtFuAO%2FFahzh%2BY4zZYy5Ppjayn40lhpx6GA%2B%2B"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f888320bda2a63-CDG
expires: Mon, 17 Mar 2025 07:25:16 GMT

GET
H3 200 20fe1466ec961d6814f53fba3f79a3e2.js Show response
gbhackers.com/wp-content/litespeed/js/ 3 KB
2 KB 58ms
57ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/20fe1466ec961d6814f53fba3f79a3e2.js?ver=d646c

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84c0fa68ee2db40f022744b0df40c9642364978814babe80631ee14649c57a3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189565
cf-polished: origSize=2982
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 03 Apr 2024 04:53:11 GMT
server: cloudflare
etag: W/"ba6-660ce0b7-63f22a6a782e8e8b;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QzPeLE%2F4dBAxPpOHjY8xPgaaFs02GjcL%2BKC5a665rui7gPK9JPz9wZsGrfUhw02ppa%2FEHH66kyq3UW7CLoSCd69kZ47CSnduUKv7WhRyd1wUIbrlVt1Jk8kgjbCbj5IW"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f888320bdd2a63-CDG
expires: Thu, 03 Apr 2025 10:53:13 GMT

GET
H3 200 88abcef607d2b87dee895ff8396d0658.js Show response
gbhackers.com/wp-content/litespeed/js/ 304 KB
72 KB 67ms
65ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/88abcef607d2b87dee895ff8396d0658.js?ver=0cf60

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2defb9660abeee3ab31471e8ef505caeedae433761e78398015fff073073ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2122691
cf-polished: origSize=311606
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 19:54:26 GMT
server: cloudflare
etag: W/"4c136-65ef6172-375df5554d363101;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AEuIR1n%2BX1xmg9Gkf2HG%2ByM4LZ0WMpTGYYLXOnUn5EktGFwMIsn%2BrBKWQbGYBFgtQT7Hr18WMa%2F1IjlaPZ1XI5uaLsqjdl5MPZrs9OE%2ByAdgSAWSHuQKxl8FqBiotV%2Fx"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f888320bde2a63-CDG
expires: Wed, 12 Mar 2025 01:54:27 GMT

GET
H3 200 c69540ea4875bada46c79fef485c0d63.js Show response
gbhackers.com/wp-content/litespeed/js/ 5 KB
3 KB 62ms
60ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/c69540ea4875bada46c79fef485c0d63.js?ver=53ab5

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fa7ec483adc206a0b0ec5e6aa360d6889efffaa0655729b36513ca6aa28dec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2122691
cf-polished: origSize=5433
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 19:54:26 GMT
server: cloudflare
etag: W/"1539-65ef6172-59096fd81c9b2d51;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nw7th6%2FnVsbG8jp1LUBhmlv5yMrdtxMhEFjuFXTq5FRGeBEQ7nyOVrkdtykO1dXxB95UuQN3NSMHAjK2QZFXPY2kGsZDp3RPGH5Jmhw%2FZuASV7m8379HMUJsMBG3F03y"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f888320be02a63-CDG
expires: Wed, 12 Mar 2025 01:54:27 GMT

GET
H3 200 686ee657c2c36e1c7c77a1805f3b498d.js Show response
gbhackers.com/wp-content/litespeed/js/ 18 KB
8 KB 59ms
58ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/686ee657c2c36e1c7c77a1805f3b498d.js?ver=b57fe

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22c46011b6b9a23b7219e2ed6a78aa06e0d6fb0c274166ecc7ba412f020b12c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2122691
cf-polished: origSize=18834
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 19:54:26 GMT
server: cloudflare
etag: W/"4992-65ef6172-63f22a6a782e8e8b;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gW4wcafGvSJMm9LmX%2BLs7uAAHwcS8fobmDzlLXVG9uxGPhPMoWhi0ghaq5X3whdBLyFQDvXAjh5EjuiiDFXyG7xZJJJIIIXLBbOj5ERu6STvZsw5UQs2NgDvcxRO39B"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f888320be12a63-CDG
expires: Wed, 12 Mar 2025 01:54:27 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 100ms
16ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C7A) /

Resource Hash

03deb4ed102a3ca69f102ed6730c2f6b9319153d194d5ec9a99542d74827a7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 3523
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163638
x-li-uuid: AAYVVVD3c3dng3Hfj4+JVw==
last-modified: Fri, 05 Apr 2024 08:33:55 GMT
server: ECAcc (mil/6C7A)
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Fri, 5 Apr 2024 09:33:55 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
51 KB 162ms
76ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5372786174760228&host=ca-host-pub-2644536267352236

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7a446d93bc6bc19aa9138ca782bb451cb79b8879cf319e06beaf41a8dbc95f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52314
x-xss-protection: 0
server: cafe
etag: 9434069395092630929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 05 Apr 2024 09:32:38 GMT

GET
H3 200 44a8438280a25fc2bef30c67fe80af6b.js Show response
gbhackers.com/wp-content/litespeed/js/ 13 KB
6 KB 60ms
59ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/44a8438280a25fc2bef30c67fe80af6b.js?ver=2e1f4

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a31a33fc31ae7a9514ac25ccd3288f9ee2fbfbbd33b07f58f694e207876bdf1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2129951
cf-polished: origSize=13577
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 17:52:04 GMT
server: cloudflare
etag: W/"3509-65ef44c4-4b88fc9a16cfcac7;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpydLGRjVVSXT9FIY51ewfMZQHTOIy04Mn39l2oG2nAQ2Ip0RziGvAPGlQkcLKF7C4%2BwPvEF0BFX5Q9JsfSMExAl3rA764OimBJMkucfgeWKLsHFdGHMogRw%2B6bWM7%2Fz"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f888320be22a63-CDG
expires: Tue, 11 Mar 2025 23:53:27 GMT

GET
H3 200 jquery.min.js Show response
gbhackers.com/wp-includes/js/jquery/ 86 KB
31 KB 64ms
63ms Script
application/javascript 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 2127243
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 03:59:08 GMT
server: cloudflare
etag: W/"15601-654b078c-f2627e7a294a91aa;br"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WavuUnLE1yvJrMxBWT%2BdYuFGz5gPQK1ciW8kHWYg6vB4GWMagJJ5y6Stm%2BrtBSpbbcSsNeMT35EdTm5kyzFQPSdqaSMYLcCoY6PxE7iR7Lcc7chluRMnZ5JmeZonCUFe"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 86f888320be42a63-CDG
expires: Wed, 12 Mar 2025 00:38:34 GMT

GET
H3

200

main.js Show response
gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 02DF
Redirect Chain

https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

60ms
57ms

Script
application/javascript

172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Protocol

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f19c000fe1b1715012ac71db0577184e5a11cc076eb9cc982d50fc85da514e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcUuecwu7gbHJ0iDf6OSM2Elis27t5aTGEnXiUii08WwM7hPE5YkXATZMRDO8fNsTFOL7sFty7Lgsr%2B1EWhuZoHyS5Xw5D1i7B9jhG4ohw97QGoOm9wdJI9MtwICOFmI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86f888327c652a63-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 05 Apr 2024 09:32:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiYNASNbnq%2F2XEK%2BDPzeb1Jcbvabnrr5nd%2FfMb3UeMkLhNmGmUbBrabicnaKHVas%2FuU%2Bcygu2c%2B4Y%2Fi1ClmLKBYmS%2FDynchCAh1pzHEYedoGnJjyYNt3OIIrni4vJtHx"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 86f888320be62a63-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 GBH-Logok.jpeg
gbhackers.com/wp-content/uploads/2023/10/ 2 KB
3 KB 58ms
56ms Other
image/jpeg 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/uploads/2023/10/GBH-Logok.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcbde902aeee47576a8c295bd6fe410dbf7d0c528c811d5d45cb681ce4948620

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2135572
alt-svc: h3=":443"; ma=86400
content-length: 2470
last-modified: Sun, 15 Oct 2023 04:31:09 GMT
server: cloudflare
etag: "9a6-652b6b0d-9da0749efacedf20;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bvzBJq02A8i6e9znL7%2FW9WWCsMZzZ7pT7kDmoU%2B7BKnKMGRWg4AG7Ik1btUagkt3xEmgLrP7OOkhQe8cdEeNm9tTPOtXR7PNpFHSMuwz%2BRyF3tQs4YxmbgnBVnnMjCL"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f888326c5c2a63-CDG
expires: Tue, 11 Mar 2025 22:19:46 GMT

POST
H3 200 86f8882ddf802a63 Show response
gbhackers.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 02DF 0
576 B 69ms
66ms XHR
text/plain 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/cdn-cgi/challenge-platform/h/b/jsd/r/86f8882ddf802a63
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQW1sblegWove74lgqpPyJM3YTKBoioEs3oq4QnlBCBvGYT44GIiNfrG7KWl3oIVJmPKf9fEeDStSwoLMTNsll6DPu1rjoEkP5rdMcWu6jWTllHo9tRMYRA4NiOVr8sc"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86f888338da42a63-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404010101/ 407 KB
138 KB 130ms
77ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5372786174760228&plah=gbhackers.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5372786174760228&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

77354ca62527481a286e45fd43fadc4efcf0400e6f5d10b5432a6a44c29f7352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141193
x-xss-protection: 0
server: cafe
etag: 16449556553558800802
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 09:32:38 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 21ms
15ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=116523949&post=86968&tz=0&srv=gbhackers.com&j=1%3A12.7&host=gbhackers.com&ref=https%3A%2F%2Fgbhackers.com%2Fhackers-hijacked-notepad-plugin-to-execute-malicious-code%2F&fcp=494&rand=0.44670996843444244
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 05 Apr 2024 09:32:38 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3

200

main.js Show response
gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 02DF
Redirect Chain

https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

55ms
54ms

Script
application/javascript

172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Protocol

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e777db5e9a7d5fbefcd517543d8fdff46eed7e9d8fd7f9aeb4d5c3b23ae5f62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGKP27AyiERN%2BI6YZWSd%2B%2B0yfKnicGEuQxkD6Ua3bAJdfEv4Icw%2B%2BXzOXMSZk%2F8LqeYdMB3L4Aym2vLwID9vuMwja0NAKLDuQjZ%2BHCWJlUvHWJkh2n8m%2BjyFm%2BqXyJhl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86f888348e942a63-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 05 Apr 2024 09:32:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fAXRSMiL2LLGDRaFni1965ZutaE0ELuMRfNgbrF7eiTk1nU%2BWMpyCBcFRajbUcZW7qdxM5qwb4%2BaD751pa4dlMe6exE8gJxJVClMi1VMjoy3%2Bf655wF2fegHJiLpm0HA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control: max-age=300, public
cf-ray: 86f888341e242a63-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNX5xOWq2Fp17Au-t1vhBBCmRfLUjA1tCvrRVRFU5P0TRODrxe455ESVOYhIqzuRWP0Zb-mHEN-bW6Ddp_8OWeCIQHD2uRo18ai7cFDP1cSJbxgTQb2cZNNIjJ5IzCxngHLGCXAv0Go8SFbcR9... 208 KB
209 KB 339ms
331ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNX5xOWq2Fp17Au-t1vhBBCmRfLUjA1tCvrRVRFU5P0TRODrxe455ESVOYhIqzuRWP0Zb-mHEN-bW6Ddp_8OWeCIQHD2uRo18ai7cFDP1cSJbxgTQb2cZNNIjJ5IzCxngHLGCXAv0Go8SFbcR9ROmxd4oLvN-tSl2BxKexsptAGM91C8uqKNRe2lEAOrKk/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e72d32cd3a40b21844496f0a26a11e65c29b314155efb0a32bc0df1374aeacec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v60a1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="What is Global Threat Intelligence.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213335
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvAVl9eqaMrvJ6QCaTBEQGOsOI9BWs5353UTBmCRA6WeIcKExtz406bTVFwSf2rA49-NjBkuiP36ysFJQH5BMMrqgr-xAYwb95gdVoMnlQUYUw-i0u2_DCffpkwW8XqiM5rqj6NJrCiG5H5X4f... 372 KB
373 KB 195ms
188ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvAVl9eqaMrvJ6QCaTBEQGOsOI9BWs5353UTBmCRA6WeIcKExtz406bTVFwSf2rA49-NjBkuiP36ysFJQH5BMMrqgr-xAYwb95gdVoMnlQUYUw-i0u2_DCffpkwW8XqiM5rqj6NJrCiG5H5X4f1UBvHFz5POjW-YM4IiP4EMXCieuZf1SQjr6fLjsFRKg_/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

58c9036182f1abf8206d66e8d47e137b5d7f16f2b1b622a26cf0158c3c92ec13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vaea"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="New Acoustic Keyboard Side Channel Attack Let Attackers Steal Sensitive Data.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 381197
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEWXDweGJAUtSCnGdr55tXksl5y5D5npTyv2ryurBuFmM0uHmatTQzMiYRS-oynlQXr9vtwn7XE-0I8kqpqGQfIxfhOD_mlOcjHJQZ5kZvKucf7er7DLM6pnBols7kcwKnLQTCaG5WwCUDyCTD... 134 KB
135 KB 184ms
177ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEWXDweGJAUtSCnGdr55tXksl5y5D5npTyv2ryurBuFmM0uHmatTQzMiYRS-oynlQXr9vtwn7XE-0I8kqpqGQfIxfhOD_mlOcjHJQZ5kZvKucf7er7DLM6pnBols7kcwKnLQTCaG5WwCUDyCTDJMqgB9H3cniJt64qfo0IF_8YjmQIGuAt5f70DRkaL0jy/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fa8df60509099c7d521094fd56da4d97fda88293fd80228dfcf1b4e45e425221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v964"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="RA World Ransomware Attack Windows Using Hacked Domain Control & Anti-AV Tactics.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137687
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhKjnWYU9sHUnzEWwCaD9qcsm333_03oYuZDTaNi3QAfEkmrKX9uFGL_ZNze9s1mD-Vk-xl0XM6N55P83LSVA_C5S6FnlzobpRAS3jaQ9ttZa_RCgGv0SoQmfqHZ1CJ6ogzi8OEvVolj7Rs10n... 238 KB
238 KB 204ms
197ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhKjnWYU9sHUnzEWwCaD9qcsm333_03oYuZDTaNi3QAfEkmrKX9uFGL_ZNze9s1mD-Vk-xl0XM6N55P83LSVA_C5S6FnlzobpRAS3jaQ9ttZa_RCgGv0SoQmfqHZ1CJ6ogzi8OEvVolj7Rs10nQuEoZOm19neEPr1dWon6cIWEIGDWX2oo1fNepjWC495B/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f01bde1680dadef452c21e70737b5e2ba5d2135da93dc5188905597365f90b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vcf5"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="AMOS macOS Stealer-1-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243724
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSo8BAKUqzuTyWzjH43TNPDPMD-xTg3HlggBTiKrvDtx8oz-5JLKIhUfPrUWKZrtvlQOktXWdl3XcPrKPvdGQi1FR8ESR_0952JJmpJOyesqZnt_N-eEgEIGFfuyqZHp643PfponTahnjW7Wt2... 325 KB
325 KB 191ms
185ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSo8BAKUqzuTyWzjH43TNPDPMD-xTg3HlggBTiKrvDtx8oz-5JLKIhUfPrUWKZrtvlQOktXWdl3XcPrKPvdGQi1FR8ESR_0952JJmpJOyesqZnt_N-eEgEIGFfuyqZHp643PfponTahnjW7Wt2T9KCEIUuUk3aoVpQk4sYt_sYRKzB__5GpzFnrlUuZETu/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab69fe117a6f3ae759c1227cef6772ee7a57fbce680919e1747961da5c79c559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v7b9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Beware of Malicious PyPI Packages.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332709
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNFsRXX9E_3wJq15hN36p1igF1RSM4c5SJ3dO00ziZ6IIC25VlGmsmW90VU1og32LkVO6u9QZ7uzk-Q8WEc-q8SYU8w_lkgSK8_TgXhWz7pTr2i9YcBcKpE91v6KqTsJirfeUWdy-GJ5MxgU_d... 115 KB
116 KB 189ms
182ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNFsRXX9E_3wJq15hN36p1igF1RSM4c5SJ3dO00ziZ6IIC25VlGmsmW90VU1og32LkVO6u9QZ7uzk-Q8WEc-q8SYU8w_lkgSK8_TgXhWz7pTr2i9YcBcKpE91v6KqTsJirfeUWdy-GJ5MxgU_drIFvBJdy6z69blTcNlelB-PyT2amUNqS3eBM67y3Q_ei/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2f58f5d342a41abc139d42631fd369e9a97897d9200285c6b10a1ad9a0c5984f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v6128"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Gesture Jacking.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118215
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3gwOOYEHT_qevcNZrQq8yoMnBeJxXdzbK2zDQ5jqwam9i8VvF1COaMBSGYRe2ZY9cKyp5VBpWT3VJOtZeoXgbjTZW3iClMeKkntg3cImYEx5lWUDo8z57YYP-RzpvGsHdzkPiR-xsE245X2mD... 172 KB
172 KB 209ms
202ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3gwOOYEHT_qevcNZrQq8yoMnBeJxXdzbK2zDQ5jqwam9i8VvF1COaMBSGYRe2ZY9cKyp5VBpWT3VJOtZeoXgbjTZW3iClMeKkntg3cImYEx5lWUDo8z57YYP-RzpvGsHdzkPiR-xsE245X2mD0PW8ljwxigj6eJoeNyuoW8qRIx1CM8ujuJiGqKaUor4/s1600/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a78bf60ab0300f1e16015882cf8d7bdd67d54fc2ef6dc9f527326f856bfc3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v2323"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ZENHAMMER - First Rowhammer Attack Impacting Zen-based AMD platforms.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175901
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdqCfrg2WkxQq7mQxj6nmNgOk_JF6uMEwpa98r7GGVTRYUOlrjG-xr2kcZo0PeFa1rRIpbYFLUYOYRcVjeeOM_2N60POkbV48NkSPvEwdnzD4j3uPTepYP2pTw9Y_8yU7Uu-b90dk1CF1WuAz6... 268 KB
268 KB 326ms
320ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdqCfrg2WkxQq7mQxj6nmNgOk_JF6uMEwpa98r7GGVTRYUOlrjG-xr2kcZo0PeFa1rRIpbYFLUYOYRcVjeeOM_2N60POkbV48NkSPvEwdnzD4j3uPTepYP2pTw9Y_8yU7Uu-b90dk1CF1WuAz6ao3o63enoo8lr6yBkQ-kFPVWhqHEDIjy6YPNKbKwUGs/s1600/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0fc932db7b3583cbf6cf410320533f1425065b01461f0c27df00620d4bd90b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v231e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="17,000+ Microsoft Exchange Servers Vulnerable.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274010
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizwvDEou7pzKyRYdQhihjTLnJInYHo_uUJxo19IJGbPf7dQjIYOHMbk-5v1PYnWrOwqwVoMzAmlZp4_wE7drOR7HvnrFPODBL-4eHfdvenNb3-C1qCBsAtS-qH_2LdadFTRwLrPVf_eoA0D-xN... 211 KB
211 KB 405ms
398ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizwvDEou7pzKyRYdQhihjTLnJInYHo_uUJxo19IJGbPf7dQjIYOHMbk-5v1PYnWrOwqwVoMzAmlZp4_wE7drOR7HvnrFPODBL-4eHfdvenNb3-C1qCBsAtS-qH_2LdadFTRwLrPVf_eoA0D-xN2OK6YDDbd3TvcUmAp587Jhr82qc3aSQMzBhNKKF1kEo/s1600/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d0586a5d038863d70aa30cafc9b0aa9f125052f6fa0bd9ec09e926be52363852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v2306"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="CISA & FBISQL Injection Attacks (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215876
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8vIbuPs4w6n7Bv-7_7UWke1lofCJc2cbcG-LW3100xd9QZBioK5PSdmfn4oxLSfDPVwqzIpRJqHzDVni-D8A9ejXhfosl7ABilRJJRhxg9XiRwf02z-W65JekIoontQsnPbN7JKe6x3jBGgBR... 382 KB
383 KB 191ms
184ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8vIbuPs4w6n7Bv-7_7UWke1lofCJc2cbcG-LW3100xd9QZBioK5PSdmfn4oxLSfDPVwqzIpRJqHzDVni-D8A9ejXhfosl7ABilRJJRhxg9XiRwf02z-W65JekIoontQsnPbN7JKe6x3jBGgBRRPCStCfIjgDmpdGGRnnScUom5kxZCuY1XL0MKMrXbUAJ/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

55bb04602ae986447ad2ad326f7f488f19774fb25d5bb7dd2b8b4c2cf3b1d8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vd3d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="One-click AWS Vulnerability-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 391530
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_eRD2xqjpuC4o3DTgzCwDjzNM4-RPVWCLDWheY4YQAID3aiCShmtBe5mM0OmKEnzbyUBqZPtRSRkkLf9tz8kPvWebk_mW-WbjoTacjB1V-1s6N5wEREsP3s8tPCBIRZRHRV9sxDPi4-TizwRw... 170 KB
170 KB 325ms
319ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_eRD2xqjpuC4o3DTgzCwDjzNM4-RPVWCLDWheY4YQAID3aiCShmtBe5mM0OmKEnzbyUBqZPtRSRkkLf9tz8kPvWebk_mW-WbjoTacjB1V-1s6N5wEREsP3s8tPCBIRZRHRV9sxDPi4-TizwRw-oKChy_6bNTfliLDG2bCbyPtsdA9CBOo3BIMaudZMCE/s1600/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

365a7c759d3a271b6264f90c6d17a3e8e267fe7a2d2957a3c2c0a3fdc1f3a392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v234b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Zoom (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173657
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDPf8n8Qwv4Lw6TJBsiJiS8gcHm-ELf-XxnONKU6u8GSIYndCpJsyMN6bgRAZHsF-BYTPVRsZtif4ufCXblp6Kb1QKjGUZQipcRPDyAc7hX-2WZfUOIj5rItuJOmfM0JMBurq-4rfI4QXqPTdr... 288 KB
288 KB 366ms
360ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDPf8n8Qwv4Lw6TJBsiJiS8gcHm-ELf-XxnONKU6u8GSIYndCpJsyMN6bgRAZHsF-BYTPVRsZtif4ufCXblp6Kb1QKjGUZQipcRPDyAc7hX-2WZfUOIj5rItuJOmfM0JMBurq-4rfI4QXqPTdr_4J3RhI3PoD_jL-XPaI9i8TVHGe8yTK8x_G0LKZlhuM/s1600/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5dd72d8b5bf9f8c3258b1f03ada2d91803962e4b53f262b13ebd590af9e72411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v233b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Actively Exploiting Ray AI Framework Flaw (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 294976
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinNoNuuXrikfU5wbnUzENKJ61C0OcNSfx-k-bXAH_X5VATqa-MW2kEWbo9REV0x2K1wnZVA95KOqgT9usq7JLDfeLtwy7AL3C_JfZPdBAxoTiVCoARRC6HjigSg3oTEOEUcOOE96rFt2dmpNXg... 139 KB
139 KB 340ms
335ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinNoNuuXrikfU5wbnUzENKJ61C0OcNSfx-k-bXAH_X5VATqa-MW2kEWbo9REV0x2K1wnZVA95KOqgT9usq7JLDfeLtwy7AL3C_JfZPdBAxoTiVCoARRC6HjigSg3oTEOEUcOOE96rFt2dmpNXgZG3tzoTymCQC4jyxTCTIXXhU4cfP9_dJ8MhyZtgpuVw/s1600/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

813a9da88cc84e44179793350fbb6a6b40abf18d22f2f76e36c66cc0fd94127a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v11aa7"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Selling GlorySprout Malware with Anti-VM Features in underground Fourm for -300.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142443
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB736YNK0MvQ-PTcDJ3R3SmtlyX674WBUt9s5BExQ8ZKDVcwfRGdLeKeTGhlIOcgkGSa8ajm0xkBPc58AUcAS_bS_FfDwA_11tUyTPknTg9bEB8MlZGtMMW9JuQx1ePt9Vcmci-NHWIZSP3fXX... 147 KB
147 KB 340ms
334ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB736YNK0MvQ-PTcDJ3R3SmtlyX674WBUt9s5BExQ8ZKDVcwfRGdLeKeTGhlIOcgkGSa8ajm0xkBPc58AUcAS_bS_FfDwA_11tUyTPknTg9bEB8MlZGtMMW9JuQx1ePt9Vcmci-NHWIZSP3fXXVbqpNWhaMquXL_zxMK6PU2wUMVHyOhnSdWKZD2bQwuhx/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

011a8c8b1b3d5722b6aa2d187760ccd9ac7ff9462752e82ee751f4bd9f98062e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v5fe1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DarkGPT.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150456
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg17A_oALoLP0gwSdRl8Hl26a70ZPsuZ5W7SiXHfMbiD_wol_DuoG2kIwznxM-BbFrPqCd4asUwaj9-PvCK0CnstMFVIK2CzVlYvAQ1GSSYUxGsjWFBG44FTk-0M0ofpcKklayXZU36bpL1BxFI... 215 KB
215 KB 337ms
332ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg17A_oALoLP0gwSdRl8Hl26a70ZPsuZ5W7SiXHfMbiD_wol_DuoG2kIwznxM-BbFrPqCd4asUwaj9-PvCK0CnstMFVIK2CzVlYvAQ1GSSYUxGsjWFBG44FTk-0M0ofpcKklayXZU36bpL1BxFIMNACgqtjf8nKIhGto5b4Q5IGP06tbfZdCH2oIrzvnNPN/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e5fd4135b9fed3117cc72d513de44282552e74827feaee066db3eaebdfababff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v5fd9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="OPENCTI.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 220279
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2CwlqH3XdZZcVywmZMmzWHwkHwiqyxtlVV_Y5K-Ur9hN9VbPbvDUhVvq4mtC2H2a2eAARprUZZSI-N89TfpuuItjPdHLKxxvUxW00bP8VT4LF-pOZ_VdU7VfANn3eYx-0znhs1Y8B4ZGqFLK3... 225 KB
226 KB 304ms
299ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2CwlqH3XdZZcVywmZMmzWHwkHwiqyxtlVV_Y5K-Ur9hN9VbPbvDUhVvq4mtC2H2a2eAARprUZZSI-N89TfpuuItjPdHLKxxvUxW00bP8VT4LF-pOZ_VdU7VfANn3eYx-0znhs1Y8B4ZGqFLK3mbE8SjSyM4VASbV76Q2M0AbmrcWFdP9L26_rJKcVp-No/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ecba522e21f028876f1fc704be1e556219bf10441cfeb62ec6c8cff8c95a0a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v613e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="AT&T To Face Lawsuit Following Breach Impacting 73 Million Customers.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 230633
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrehTLCKP_CQ-56pZFfsYxByfJmusLJTmc_g3N-gnP74oUelRLL3y4-8qHZIbOtsyxSitSvVg6hmWQ1RGdvVZTLQtlbeIHHYrG_fDdwT3RX5KdobCDSVLhBPb1-PV1Dd_A5NbU72tdQS96zjmJ... 234 KB
234 KB 325ms
320ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrehTLCKP_CQ-56pZFfsYxByfJmusLJTmc_g3N-gnP74oUelRLL3y4-8qHZIbOtsyxSitSvVg6hmWQ1RGdvVZTLQtlbeIHHYrG_fDdwT3RX5KdobCDSVLhBPb1-PV1Dd_A5NbU72tdQS96zjmJ_lMslS1PvvjzhZk3Xlydu-Kw9yS_ChI2aoS59x3wQr8/s1600/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1daed7585bc293820acb57e74a3287914d528b0e7498e0c84c3937aa9d8337b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v23ca"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FVYI (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239173
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz5C78F5CfLGFskf2qYopY6q8G-jIc3A7gN6JpGOQrx33V_Die7JmcGoeSsvQGIXVkr9HiQLSOQ4xGh9pvfT3Ey05eK-rAgwChfZ80zG9TWsA2v7hkVZ3mWyAc8vugqm0V5sDtftgG40HiDQT9... 455 KB
455 KB 357ms
352ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz5C78F5CfLGFskf2qYopY6q8G-jIc3A7gN6JpGOQrx33V_Die7JmcGoeSsvQGIXVkr9HiQLSOQ4xGh9pvfT3Ey05eK-rAgwChfZ80zG9TWsA2v7hkVZ3mWyAc8vugqm0V5sDtftgG40HiDQT90napb7zfe3Wvm2d0E5Ok6px7dO9AQuCEbRvJkFmw3vM/s1600/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

37f091b9aaae8861e01cc9909dd8272407570813598bdfe331478310330dea68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b4"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PandaBuy Data Breach (1) (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 465956
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGI-zU2Q7Uy17MO_wFCjYxOm-pa_t2srSVPYE_UagIEKq0NCSRD93msPZxYHmZjHLaViavCCXaiE8-CTAv-sT_ooCXNAX3VQiMBHOc5Z8FVwziGwnnVVP7ocfK5naQcmLqkQ8IcaslbCCxRNe1... 379 KB
380 KB 311ms
307ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGI-zU2Q7Uy17MO_wFCjYxOm-pa_t2srSVPYE_UagIEKq0NCSRD93msPZxYHmZjHLaViavCCXaiE8-CTAv-sT_ooCXNAX3VQiMBHOc5Z8FVwziGwnnVVP7ocfK5naQcmLqkQ8IcaslbCCxRNe11evOlfn4i5rpADVgrZuYcFpwAnK0WieXZ7b-tiaQNyZo/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f707ceadbd61beb3bfc61ead64285db6b406973452de1bb554cfbdd24186d198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vc94"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Weaponized PDF Operation FlightNight.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 388308
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjexb1f3SoHJAF-FwQJBDj84XPUODKJNsv2BNrN6Ww6PCfv_AUvcHAIyQUwDKm4qj9_0RHO7iLXsP7dZ45Q3ODLunEJ7cCJJ9VyQMzWjcC_zTw3QMcgsqb6RcrRfH1DtvoouFqHmzuz05cuIX03... 161 KB
161 KB 445ms
440ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjexb1f3SoHJAF-FwQJBDj84XPUODKJNsv2BNrN6Ww6PCfv_AUvcHAIyQUwDKm4qj9_0RHO7iLXsP7dZ45Q3ODLunEJ7cCJJ9VyQMzWjcC_zTw3QMcgsqb6RcrRfH1DtvoouFqHmzuz05cuIX0300X2-XnY44hsSxBHsQNtvErU8UtjTseqqzGHFi88PPU/s1600/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f673a75425ee830fcc673d78d84c447f683225a8296f4eb6f61895593cc9b3a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v2308"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="giant tiger (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164575
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKJVqO9XiKvAuSWuAYv1piF5WPlqeUKjJlT90vnDx951xYsiPotC8-YSqqR2CzgcarD8juQY63WnoWBcnXGqYGewCUQLneEmlFPZyLrkUpm2Jg3j5IMUuRBqbRJ1s60SM2VcnhTHVJ_D2xVcKO... 154 KB
155 KB 311ms
307ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKJVqO9XiKvAuSWuAYv1piF5WPlqeUKjJlT90vnDx951xYsiPotC8-YSqqR2CzgcarD8juQY63WnoWBcnXGqYGewCUQLneEmlFPZyLrkUpm2Jg3j5IMUuRBqbRJ1s60SM2VcnhTHVJ_D2xVcKOcfCi8lTjzJNP3-dB7UUV-f7Mbe4PYNgvgM9sfImQ-CIo/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

340924ac682298d8171157183f263c3d23c29b099cb7a6b30569dcd86e75bf6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v7bd"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Web Server Penetration Testing Checklist-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158178
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz3VRAQkQalTlP8oaUmFbSRwpZbr4JCOY5UEf6rT99yR7fWN6gfeQvmym3y2xSdgGOWaApoYdvIW5pg2qj3_Nh2qTTArdqoAdS5lqTGt_oKRQK7rE8POv9stPEN6qkVmK6ZZ5rfA2gKA8EqlEr... 141 KB
141 KB 309ms
305ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz3VRAQkQalTlP8oaUmFbSRwpZbr4JCOY5UEf6rT99yR7fWN6gfeQvmym3y2xSdgGOWaApoYdvIW5pg2qj3_Nh2qTTArdqoAdS5lqTGt_oKRQK7rE8POv9stPEN6qkVmK6ZZ5rfA2gKA8EqlEr_WAxmZTvUuG8rsApvUlUHSIYTub-62TukyWsJxey95_Q/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bbd85d9238e9e46bc45da79f2814000dd43b574f2cbcd4533bf005899b214bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v7e3"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Network Penetration Testing Tools for Security Professionals-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143896
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmhq6YIBFu2Or9XoQo-FztnBTNXN2xOkgUmROCAdAhuizWDs7_W-lVXi160bGxzVP-d_aq890VDqbV08AGta2anIuqotXXMx6Dsmjh57N5dBcLRYBWzY2_N-42JCWR-fwt9v3Ik8iCRlebzs34... 122 KB
122 KB 314ms
310ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmhq6YIBFu2Or9XoQo-FztnBTNXN2xOkgUmROCAdAhuizWDs7_W-lVXi160bGxzVP-d_aq890VDqbV08AGta2anIuqotXXMx6Dsmjh57N5dBcLRYBWzY2_N-42JCWR-fwt9v3Ik8iCRlebzs342ayxPPvyZtJpg4lGpBhbgT6kuQB15ZDwHLDUuV7jW5GV/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

029933e9acffa3d306253574c7f69ca044b74f625bac6392b06e2dc84a0358bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "va6d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10 Prominent Cybersecurity Acquisitions of 2023.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124641
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhI7OD-bBymYKPAUxUpOdedPFIVBecpqEhMpPdH3COHjlPQurCLwyW4MjQsdvcsFRktoN6MnHpN6ktScJH9crhoQZLASwihLElcQPHrxIjLo7HMvahsxudXIMj9KXD9A-pae62r6Znie9naXYM... 155 KB
155 KB 318ms
315ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhI7OD-bBymYKPAUxUpOdedPFIVBecpqEhMpPdH3COHjlPQurCLwyW4MjQsdvcsFRktoN6MnHpN6ktScJH9crhoQZLASwihLElcQPHrxIjLo7HMvahsxudXIMj9KXD9A-pae62r6Znie9naXYMsZ4U5tMERJ5uf5qNEpMj56sA2SqsssOpUExS0blHsq3i/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b9bec247813fe14c962c6478d9c1e4d521be73d4261aa6e63adca81f873a5564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v83e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Top 10 Unified Endpoint Management Tools for 2024-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158555
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj16B1FEzM1BQjMZGSOGuEsfc0XT5XXs4tLKxKHkcyjgKfvX6J4pP_2mwPWNQStCuz8-zDl3vCnzd57Wfr96xQKpWFFp4i9V1cJI1eAh-JYL-QeUZ3LJOwDo6OIAXgGC3B4aLYu6KBxxC7Ol18J... 107 KB
107 KB 320ms
317ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj16B1FEzM1BQjMZGSOGuEsfc0XT5XXs4tLKxKHkcyjgKfvX6J4pP_2mwPWNQStCuz8-zDl3vCnzd57Wfr96xQKpWFFp4i9V1cJI1eAh-JYL-QeUZ3LJOwDo6OIAXgGC3B4aLYu6KBxxC7Ol18J5Edb0eFVS1ydGftxgp9erQl5RGnNmkn5UyBhFZb_YXmb/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

307e1a72eca0e7c2e8a53eccc42fc2d5e7216f4be4885be44f5e7be00e628d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v5bdb"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Kubernetes Vulnerabilities.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109533
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxjn4Kid4F1XX-zcUaFly8TXga73CqAiAnzPr5xMRTgsXU9hQQ5lBN5Rd1uoMDUuTlByrLOj1IJWFv1-H8RSabmL5UB9ry53gwiKGksCQxRbseGKduR_IGhx-g7jVQ2QvM6QKwZk4a67i_k_xw... 178 KB
178 KB 412ms
409ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxjn4Kid4F1XX-zcUaFly8TXga73CqAiAnzPr5xMRTgsXU9hQQ5lBN5Rd1uoMDUuTlByrLOj1IJWFv1-H8RSabmL5UB9ry53gwiKGksCQxRbseGKduR_IGhx-g7jVQ2QvM6QKwZk4a67i_k_xwJOSB_4obbqwn4ZII9QADfWOAoWeE_YN008LFwzYyiMII/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

377c6ff40baa6809e53141e4acc95ed81bd3ad9cc6da10902b8210dc4fd0dd82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v6105"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="5 Major Phishing Campaigns.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182420
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0ZJWAjATKvSLE0uC665RkHCQVYpxx74ve8UVYlPeWzblmJq_ks1dXWDQfyjmL7nVuKNM57Pz2yFbE8dMTgnqLDQfNv-o69vuoQy8gGyRz167BMwL6BndxwZcLH_k-_rs4Zz1-Svdb34FHaefZ... 177 KB
177 KB 334ms
331ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0ZJWAjATKvSLE0uC665RkHCQVYpxx74ve8UVYlPeWzblmJq_ks1dXWDQfyjmL7nVuKNM57Pz2yFbE8dMTgnqLDQfNv-o69vuoQy8gGyRz167BMwL6BndxwZcLH_k-_rs4Zz1-Svdb34FHaefZEmWSdpSQOkgOrx08SAPED4-y-0AbJ3ttMC8aKppAA99v/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

45cc19afb491320b6ec73d6834a48bedc1c5c20248b0fb54f1eff00a87e9b487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v60bf"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="How to Analyse .NET Malware.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181016
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhddrh0Iv2hdkQfvph9SAjIHmrg9dVxWAHB6us1-CigImgCswSH63UmiqVsGIhQRcAtK0fzLEJ2hA1FQ8ZdhLB1HH6TNwgju-7Q6E1AMQlFuYOgBbww2Npef9JT2JLZkWUdkD3FzYCvoxZo_ikB... 166 KB
166 KB 321ms
318ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhddrh0Iv2hdkQfvph9SAjIHmrg9dVxWAHB6us1-CigImgCswSH63UmiqVsGIhQRcAtK0fzLEJ2hA1FQ8ZdhLB1HH6TNwgju-7Q6E1AMQlFuYOgBbww2Npef9JT2JLZkWUdkD3FzYCvoxZo_ikBcF-S-vT03hk2K6yEVs735r0eVUJseXJzuk3uKmIi7osG/s1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

02f67d9f8a87c9036501019ad82cf0a92d0e96cff6f53b50472e03cb63a1e4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v6022"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Process IOCs for Threat Intelligence Lookup (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170147
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H3 200 GBHackers-On-Security-272-x-90-px-322-x-50-px-422-x-50-px.png
gbhackers.com/wp-content/uploads/2023/08/ 10 KB
11 KB 62ms
61ms Image
image/png 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbhackers.com/wp-content/uploads/2023/08/GBHackers-On-Security-272-x-90-px-322-x-50-px-422-x-50-px.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc4360c0a29af7e975e2ad9dc76f951e49628535a6de8003b5675d428e353c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2126947
alt-svc: h3=":443"; ma=86400
content-length: 10504
last-modified: Sat, 16 Sep 2023 05:39:29 GMT
server: cloudflare
etag: "2908-65053f91-b289ce6b35e4e18e;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xitmqKADUlbHo2IDrvqXpU7MLEH76vJPHIvNqDDuqMws2NspfuiNqo29wTrooJt6D7WRQvwfNU%2BxZkNPfjIX9fDaIVEnodl4WybVuBnA1hNj0Vh3xxok2qYyB51KmF2x"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f888348e992a63-CDG
expires: Wed, 12 Mar 2025 00:43:31 GMT

GET
H2 200 Managed%20WAF%20-%20728x90.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz4CD0Q4OzZn9OQtPUWOL5oAOyAPjFJuf_7OAdaq_SucoQ23W6lBaEC3598TNQKcf4kTuaR9jowkE1EQnnDuxwQ9KqvLEZc2u185ER9y9F_SuFiKTNHsA-A4l-w8pTXMGEckxmYgdKMyaqPTvO... 21 KB
22 KB 295ms
293ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9cb148fbeef424f88bde406f8ed5af4f0156ebb3c7373a1fe3edb34cf06396a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v5de7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Managed WAF - 728x90.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21973
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 Google%20news%20%20blue.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig8zaHB0FTKlmRZVt0d5XaaccsF_jbtXdlbA5eo4Zti-zsRfW-3tpEeHVNnKh7TYK4jMNNUQ-dQgOpQYc4uKme2BwCAGN8yIYKpiafBaLILOZevcg3U2jxj4A6zUfRU4unv2GmfgqVbUYfR7ej... 4 KB
4 KB 292ms
290ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2917d90e5e1d1ce32a0753b48bcadb8c98c4a2a7e0f060f3bee0d45d51373b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v5abc"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Google news blue.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3620
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEho_gsNlijzqZxwRKEc5IHKMZa9WruDNsmZCrFJQd3lKsJ_f2P2t1eJh2rAlOziFvl0iaBPjj0kZTqo2Dtqi8Fgsh7sfRaCjM_DXimCK57JPLREzksyUZy_JX9pJr6LytdOG_9VEN52eYIqZ4UK... 567 KB
567 KB 300ms
299ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

28906b80ce4b76dcbfe1556ae56425fbed27ffe33a12e231d3666999b31fbed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v6136"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Hijacked Notepad++ Plugin.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580553
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H2 200 gbhackers-waf-banner-300x600.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggxrET8rL53qWvxNg0ojgbDwhKZUmlLqGRzzfXePO67o4NYLh0rAXrh94aQcN0k8EB1cge5SlSrZ42GgQgjwsxqYAEkfzyYPTOtaQzOjdx4grNJfxFnnp7ei-h6DN35p1Jx3I6LKIO33fXMa31... 173 KB
173 KB 295ms
294ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8cec0568b8c5294b0ae8b686b0803c9ded43d2c8bef916e8e72def00d89af188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v58cb"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gbhackers-waf-banner-300x600.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176872
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

POST
H3 200 86f8882ddf802a63 Show response
gbhackers.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 02DF 0
581 B 76ms
74ms XHR
text/plain 172.67.165.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/cdn-cgi/challenge-platform/h/b/jsd/r/86f8882ddf802a63
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gd%2FJhjA5xQLTZmisZLslnJCl%2FGJFXzzzoo1zSdxTPmAbpSeyYHAm0FiQyJoj8mtR2jWcsj9QZR88dvPe0ev4yFtjGQUcfLzUdSygd3jQf6jWyRtnyQVVuSCQ2fwMljSI"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86f8883598072a63-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 FollowCompany.js Show response
www.linkedin.com/pages-extensions/ 1 KB
3 KB 322ms
215ms Script
application/javascript 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/pages-extensions/FollowCompany.js?version=0.1.176

Requested by

Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' .licdn.com .linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ .microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-RFqsjmAF1N5LnfpaHFvPqFlVkeIS/DtTAFor+JjJJVc=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: ; font-src data: ; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src .licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' .licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors ; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-RFqsjmAF1N5LnfpaHFvPqFlVkeIS/DtTAFor+JjJJVc=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: *; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src *.licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' *.licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors *; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
date: Fri, 05 Apr 2024 09:32:38 GMT
x-cache: CONFIG_NOCACHE
content-length: 487
x-li-uuid: AAYVViMAOUU0oe/XGKR4TQ==
pragma: no-cache
last-modified: Fri, 01 Feb 1980 00:00:00 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1357ED32978346AE99A5224F011B3AB6 Ref B: MIL30EDGE0917 Ref C: 2024-04-05T09:32:38Z
etag: "d0d7b9746ff9b0fb6e780f937a643b9dbda07a1e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-li-fabric: prod-ltx1
cache-control: no-cache, no-store
x-li-proto: http/2
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ca-pub-5372786174760228 Show response
fundingchoicesmessages.google.com/i/ 180 KB
60 KB 220ms
77ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5372786174760228?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5372786174760228&plah=gbhackers.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63a25c20c064693a13d2aef621ffb2f0f88c3f43659a7d061d909dc5889217f5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ad5Xi6o1i0LLlzdkL-5IYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ad5Xi6o1i0LLlzdkL-5IYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAvxcGzr2r-BTWBF09G1zACVvjWC"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNFsRXX9E_3wJq15hN36p1igF1RSM4c5SJ3dO00ziZ6IIC25VlGmsmW90VU1og32LkVO6u9QZ7uzk-Q8WEc-q8SYU8w_lkgSK8_TgXhWz7pTr2i9YcBcKpE91v6KqTsJirfeUWdy-GJ5MxgU_d... 115 KB
115 KB 225ms
222ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

2f58f5d342a41abc139d42631fd369e9a97897d9200285c6b10a1ad9a0c5984f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v6128"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Gesture Jacking.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118215
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8vIbuPs4w6n7Bv-7_7UWke1lofCJc2cbcG-LW3100xd9QZBioK5PSdmfn4oxLSfDPVwqzIpRJqHzDVni-D8A9ejXhfosl7ABilRJJRhxg9XiRwf02z-W65JekIoontQsnPbN7JKe6x3jBGgBR... 382 KB
382 KB 220ms
219ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

55bb04602ae986447ad2ad326f7f488f19774fb25d5bb7dd2b8b4c2cf3b1d8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:38 GMT
x-content-type-options: nosniff
server: fife
etag: "vd3d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="One-click AWS Vulnerability-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 391530
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:38 GMT

GET
H3 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3gwOOYEHT_qevcNZrQq8yoMnBeJxXdzbK2zDQ5jqwam9i8VvF1COaMBSGYRe2ZY9cKyp5VBpWT3VJOtZeoXgbjTZW3iClMeKkntg3cImYEx5lWUDo8z57YYP-RzpvGsHdzkPiR-xsE245X2mD... 172 KB
172 KB 247ms
247ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

7a78bf60ab0300f1e16015882cf8d7bdd67d54fc2ef6dc9f527326f856bfc3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2323"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ZENHAMMER - First Rowhammer Attack Impacting Zen-based AMD platforms.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175901
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdqCfrg2WkxQq7mQxj6nmNgOk_JF6uMEwpa98r7GGVTRYUOlrjG-xr2kcZo0PeFa1rRIpbYFLUYOYRcVjeeOM_2N60POkbV48NkSPvEwdnzD4j3uPTepYP2pTw9Y_8yU7Uu-b90dk1CF1WuAz6... 268 KB
268 KB 219ms
219ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

0fc932db7b3583cbf6cf410320533f1425065b01461f0c27df00620d4bd90b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v231e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="17,000+ Microsoft Exchange Servers Vulnerable.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274010
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_eRD2xqjpuC4o3DTgzCwDjzNM4-RPVWCLDWheY4YQAID3aiCShmtBe5mM0OmKEnzbyUBqZPtRSRkkLf9tz8kPvWebk_mW-WbjoTacjB1V-1s6N5wEREsP3s8tPCBIRZRHRV9sxDPi4-TizwRw... 170 KB
170 KB 261ms
261ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

365a7c759d3a271b6264f90c6d17a3e8e267fe7a2d2957a3c2c0a3fdc1f3a392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v234b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Zoom (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173657
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2CwlqH3XdZZcVywmZMmzWHwkHwiqyxtlVV_Y5K-Ur9hN9VbPbvDUhVvq4mtC2H2a2eAARprUZZSI-N89TfpuuItjPdHLKxxvUxW00bP8VT4LF-pOZ_VdU7VfANn3eYx-0znhs1Y8B4ZGqFLK3... 225 KB
225 KB 203ms
203ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

ecba522e21f028876f1fc704be1e556219bf10441cfeb62ec6c8cff8c95a0a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v613e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="AT&T To Face Lawsuit Following Breach Impacting 73 Million Customers.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 230633
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGI-zU2Q7Uy17MO_wFCjYxOm-pa_t2srSVPYE_UagIEKq0NCSRD93msPZxYHmZjHLaViavCCXaiE8-CTAv-sT_ooCXNAX3VQiMBHOc5Z8FVwziGwnnVVP7ocfK5naQcmLqkQ8IcaslbCCxRNe1... 379 KB
379 KB 210ms
210ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

f707ceadbd61beb3bfc61ead64285db6b406973452de1bb554cfbdd24186d198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "vc94"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Weaponized PDF Operation FlightNight.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 388308
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKJVqO9XiKvAuSWuAYv1piF5WPlqeUKjJlT90vnDx951xYsiPotC8-YSqqR2CzgcarD8juQY63WnoWBcnXGqYGewCUQLneEmlFPZyLrkUpm2Jg3j5IMUuRBqbRJ1s60SM2VcnhTHVJ_D2xVcKO... 154 KB
155 KB 262ms
262ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

340924ac682298d8171157183f263c3d23c29b099cb7a6b30569dcd86e75bf6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v7bd"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Web Server Penetration Testing Checklist-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158178
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz3VRAQkQalTlP8oaUmFbSRwpZbr4JCOY5UEf6rT99yR7fWN6gfeQvmym3y2xSdgGOWaApoYdvIW5pg2qj3_Nh2qTTArdqoAdS5lqTGt_oKRQK7rE8POv9stPEN6qkVmK6ZZ5rfA2gKA8EqlEr... 141 KB
141 KB 288ms
287ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

bbd85d9238e9e46bc45da79f2814000dd43b574f2cbcd4533bf005899b214bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v7e3"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Network Penetration Testing Tools for Security Professionals-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143896
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmhq6YIBFu2Or9XoQo-FztnBTNXN2xOkgUmROCAdAhuizWDs7_W-lVXi160bGxzVP-d_aq890VDqbV08AGta2anIuqotXXMx6Dsmjh57N5dBcLRYBWzY2_N-42JCWR-fwt9v3Ik8iCRlebzs34... 122 KB
122 KB 232ms
232ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

029933e9acffa3d306253574c7f69ca044b74f625bac6392b06e2dc84a0358bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "va6d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10 Prominent Cybersecurity Acquisitions of 2023.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124641
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhI7OD-bBymYKPAUxUpOdedPFIVBecpqEhMpPdH3COHjlPQurCLwyW4MjQsdvcsFRktoN6MnHpN6ktScJH9crhoQZLASwihLElcQPHrxIjLo7HMvahsxudXIMj9KXD9A-pae62r6Znie9naXYM... 155 KB
155 KB 234ms
234ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

b9bec247813fe14c962c6478d9c1e4d521be73d4261aa6e63adca81f873a5564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v83e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Top 10 Unified Endpoint Management Tools for 2024-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158555
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj16B1FEzM1BQjMZGSOGuEsfc0XT5XXs4tLKxKHkcyjgKfvX6J4pP_2mwPWNQStCuz8-zDl3vCnzd57Wfr96xQKpWFFp4i9V1cJI1eAh-JYL-QeUZ3LJOwDo6OIAXgGC3B4aLYu6KBxxC7Ol18J... 107 KB
107 KB 241ms
240ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

307e1a72eca0e7c2e8a53eccc42fc2d5e7216f4be4885be44f5e7be00e628d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v5bdb"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Kubernetes Vulnerabilities.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109533
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhddrh0Iv2hdkQfvph9SAjIHmrg9dVxWAHB6us1-CigImgCswSH63UmiqVsGIhQRcAtK0fzLEJ2hA1FQ8ZdhLB1HH6TNwgju-7Q6E1AMQlFuYOgBbww2Npef9JT2JLZkWUdkD3FzYCvoxZo_ikB... 166 KB
166 KB 236ms
236ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

02f67d9f8a87c9036501019ad82cf0a92d0e96cff6f53b50472e03cb63a1e4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v6022"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Process IOCs for Threat Intelligence Lookup (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170147
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB736YNK0MvQ-PTcDJ3R3SmtlyX674WBUt9s5BExQ8ZKDVcwfRGdLeKeTGhlIOcgkGSa8ajm0xkBPc58AUcAS_bS_FfDwA_11tUyTPknTg9bEB8MlZGtMMW9JuQx1ePt9Vcmci-NHWIZSP3fXX... 147 KB
147 KB 247ms
247ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

011a8c8b1b3d5722b6aa2d187760ccd9ac7ff9462752e82ee751f4bd9f98062e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v5fe1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DarkGPT.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150456
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizwvDEou7pzKyRYdQhihjTLnJInYHo_uUJxo19IJGbPf7dQjIYOHMbk-5v1PYnWrOwqwVoMzAmlZp4_wE7drOR7HvnrFPODBL-4eHfdvenNb3-C1qCBsAtS-qH_2LdadFTRwLrPVf_eoA0D-xN... 211 KB
211 KB 244ms
243ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

d0586a5d038863d70aa30cafc9b0aa9f125052f6fa0bd9ec09e926be52363852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2306"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="CISA & FBISQL Injection Attacks (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215876
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinNoNuuXrikfU5wbnUzENKJ61C0OcNSfx-k-bXAH_X5VATqa-MW2kEWbo9REV0x2K1wnZVA95KOqgT9usq7JLDfeLtwy7AL3C_JfZPdBAxoTiVCoARRC6HjigSg3oTEOEUcOOE96rFt2dmpNXg... 139 KB
139 KB 264ms
263ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

813a9da88cc84e44179793350fbb6a6b40abf18d22f2f76e36c66cc0fd94127a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v11aa7"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Selling GlorySprout Malware with Anti-VM Features in underground Fourm for -300.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142443
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg17A_oALoLP0gwSdRl8Hl26a70ZPsuZ5W7SiXHfMbiD_wol_DuoG2kIwznxM-BbFrPqCd4asUwaj9-PvCK0CnstMFVIK2CzVlYvAQ1GSSYUxGsjWFBG44FTk-0M0ofpcKklayXZU36bpL1BxFI... 215 KB
215 KB 241ms
240ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

e5fd4135b9fed3117cc72d513de44282552e74827feaee066db3eaebdfababff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v5fd9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="OPENCTI.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 220279
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrehTLCKP_CQ-56pZFfsYxByfJmusLJTmc_g3N-gnP74oUelRLL3y4-8qHZIbOtsyxSitSvVg6hmWQ1RGdvVZTLQtlbeIHHYrG_fDdwT3RX5KdobCDSVLhBPb1-PV1Dd_A5NbU72tdQS96zjmJ... 234 KB
234 KB 268ms
267ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

e1daed7585bc293820acb57e74a3287914d528b0e7498e0c84c3937aa9d8337b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v23ca"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FVYI (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239173
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz5C78F5CfLGFskf2qYopY6q8G-jIc3A7gN6JpGOQrx33V_Die7JmcGoeSsvQGIXVkr9HiQLSOQ4xGh9pvfT3Ey05eK-rAgwChfZ80zG9TWsA2v7hkVZ3mWyAc8vugqm0V5sDtftgG40HiDQT9... 455 KB
455 KB 249ms
247ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

37f091b9aaae8861e01cc9909dd8272407570813598bdfe331478310330dea68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b4"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PandaBuy Data Breach (1) (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 465956
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0ZJWAjATKvSLE0uC665RkHCQVYpxx74ve8UVYlPeWzblmJq_ks1dXWDQfyjmL7nVuKNM57Pz2yFbE8dMTgnqLDQfNv-o69vuoQy8gGyRz167BMwL6BndxwZcLH_k-_rs4Zz1-Svdb34FHaefZ... 177 KB
177 KB 237ms
235ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

45cc19afb491320b6ec73d6834a48bedc1c5c20248b0fb54f1eff00a87e9b487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v60bf"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="How to Analyse .NET Malware.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181016
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNX5xOWq2Fp17Au-t1vhBBCmRfLUjA1tCvrRVRFU5P0TRODrxe455ESVOYhIqzuRWP0Zb-mHEN-bW6Ddp_8OWeCIQHD2uRo18ai7cFDP1cSJbxgTQb2cZNNIjJ5IzCxngHLGCXAv0Go8SFbcR9... 208 KB
208 KB 230ms
229ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

e72d32cd3a40b21844496f0a26a11e65c29b314155efb0a32bc0df1374aeacec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v60a1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="What is Global Threat Intelligence.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213335
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDPf8n8Qwv4Lw6TJBsiJiS8gcHm-ELf-XxnONKU6u8GSIYndCpJsyMN6bgRAZHsF-BYTPVRsZtif4ufCXblp6Kb1QKjGUZQipcRPDyAc7hX-2WZfUOIj5rItuJOmfM0JMBurq-4rfI4QXqPTdr... 288 KB
288 KB 363ms
362ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

5dd72d8b5bf9f8c3258b1f03ada2d91803962e4b53f262b13ebd590af9e72411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v233b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Actively Exploiting Ray AI Framework Flaw (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 294976
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjexb1f3SoHJAF-FwQJBDj84XPUODKJNsv2BNrN6Ww6PCfv_AUvcHAIyQUwDKm4qj9_0RHO7iLXsP7dZ45Q3ODLunEJ7cCJJ9VyQMzWjcC_zTw3QMcgsqb6RcrRfH1DtvoouFqHmzuz05cuIX03... 161 KB
161 KB 345ms
344ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

f673a75425ee830fcc673d78d84c447f683225a8296f4eb6f61895593cc9b3a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2308"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="giant tiger (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164575
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxjn4Kid4F1XX-zcUaFly8TXga73CqAiAnzPr5xMRTgsXU9hQQ5lBN5Rd1uoMDUuTlByrLOj1IJWFv1-H8RSabmL5UB9ry53gwiKGksCQxRbseGKduR_IGhx-g7jVQ2QvM6QKwZk4a67i_k_xw... 178 KB
178 KB 314ms
313ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

377c6ff40baa6809e53141e4acc95ed81bd3ad9cc6da10902b8210dc4fd0dd82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v6105"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="5 Major Phishing Campaigns.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182420
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvAVl9eqaMrvJ6QCaTBEQGOsOI9BWs5353UTBmCRA6WeIcKExtz406bTVFwSf2rA49-NjBkuiP36ysFJQH5BMMrqgr-xAYwb95gdVoMnlQUYUw-i0u2_DCffpkwW8XqiM5rqj6NJrCiG5H5X4f... 372 KB
372 KB 324ms
323ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

58c9036182f1abf8206d66e8d47e137b5d7f16f2b1b622a26cf0158c3c92ec13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "vaea"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="New Acoustic Keyboard Side Channel Attack Let Attackers Steal Sensitive Data.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 381197
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEWXDweGJAUtSCnGdr55tXksl5y5D5npTyv2ryurBuFmM0uHmatTQzMiYRS-oynlQXr9vtwn7XE-0I8kqpqGQfIxfhOD_mlOcjHJQZ5kZvKucf7er7DLM6pnBols7kcwKnLQTCaG5WwCUDyCTD... 134 KB
135 KB 325ms
323ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

fa8df60509099c7d521094fd56da4d97fda88293fd80228dfcf1b4e45e425221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v964"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="RA World Ransomware Attack Windows Using Hacked Domain Control & Anti-AV Tactics.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137687
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhKjnWYU9sHUnzEWwCaD9qcsm333_03oYuZDTaNi3QAfEkmrKX9uFGL_ZNze9s1mD-Vk-xl0XM6N55P83LSVA_C5S6FnlzobpRAS3jaQ9ttZa_RCgGv0SoQmfqHZ1CJ6ogzi8OEvVolj7Rs10n... 238 KB
238 KB 306ms
305ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

f01bde1680dadef452c21e70737b5e2ba5d2135da93dc5188905597365f90b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "vcf5"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="AMOS macOS Stealer-1-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243724
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSo8BAKUqzuTyWzjH43TNPDPMD-xTg3HlggBTiKrvDtx8oz-5JLKIhUfPrUWKZrtvlQOktXWdl3XcPrKPvdGQi1FR8ESR_0952JJmpJOyesqZnt_N-eEgEIGFfuyqZHp643PfponTahnjW7Wt2... 325 KB
325 KB 316ms
315ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

ab69fe117a6f3ae759c1227cef6772ee7a57fbce680919e1747961da5c79c559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v7b9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Beware of Malicious PyPI Packages.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332709
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H2 200 AGSKWxWKTf15SOREKyCOrXmrJR6KxoAp_6zFRh_aykB2gaD63M_llzqhiP8F41FsOPplabFFDZsS3I92o_NL5nV5f2ardr_afVRsLJtqKSc8K9XRPlyhtmaNuyoequKQjG4BqA73Wqg_Uw== Show response
fundingchoicesmessages.google.com/f/ 404 KB
61 KB 151ms
150ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWKTf15SOREKyCOrXmrJR6KxoAp_6zFRh_aykB2gaD63M_llzqhiP8F41FsOPplabFFDZsS3I92o_NL5nV5f2ardr_afVRsLJtqKSc8K9XRPlyhtmaNuyoequKQjG4BqA73Wqg_Uw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMzA5NTU5LDY3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2diaGFja2Vycy5jb20vaGFja2Vycy1oaWphY2tlZC1ub3RlcGFkLXBsdWdpbi10by1leGVjdXRlLW1hbGljaW91cy1jb2RlLyIsbnVsbCxbWzgsIjVEMEVpcUlwZXB3Il0sWzksIml0Il0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5D0EiqIpepw.es5.O/am=wA/d=1/rs=AJlcJMwSKGOM5dOKPTqpfMqeXAaCQnOJVQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf954a11c84ec5d605049bf35e35b461a6ec577a5da37a119361479693da96e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DgRuWEdf1KorovXa5Nrf0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-DgRuWEdf1KorovXa5Nrf0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAtxc2zv2r-BTeDCjJZAAF_FNR8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET FollowCompany
www.linkedin.com/pages-extensions/ Frame 8190 0
0

GET
H2 200 FollowCompany
www.linkedin.com/pages-extensions/ Frame 4AC1 0
0 279ms
217ms Document
text/html 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/pages-extensions/FollowCompany?id=26628263&counter=bottom&xdOrigin=https%3A%2F%2Fgbhackers.com&xdChannel=440626ea-5476-426c-8ee8-b2a60280b1a7&xd_origin_host=https%3A%2F%2Fgbhackers.com

Requested by

Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' .licdn.com .linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ .microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-RFqsjmAF1N5LnfpaHFvPqFlVkeIS/DtTAFor+JjJJVc=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: ; font-src data: ; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src .licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' .licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors ; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: it-IT,it;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 828
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-RFqsjmAF1N5LnfpaHFvPqFlVkeIS/DtTAFor+JjJJVc=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: *; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src *.licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' *.licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors *; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
content-type: text/html; charset=utf-8
date: Fri, 05 Apr 2024 09:32:38 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAYVViMGEjRHxyDWn08K0g==
x-msedge-ref: Ref A: 92E58F362A62448CB4C3B37E9426FD4D Ref B: MIL30EDGE0714 Ref C: 2024-04-05T09:32:39Z

GET
H3 200 css
fonts.googleapis.com/ 106 KB
5 KB 103ms
103ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5D0EiqIpepw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxgxZ9V2T4xjJ7yl4u61so7yfE-sA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 09:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 09:32:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 09:32:39 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 33ms
33ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 290506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 00:50:53 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 39ms
39ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 12:17:00 GMT
x-content-type-options: nosniff
age: 508539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 12:17:00 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 29ms
28ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
Origin: https://gbhackers.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 290506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 00:50:53 GMT

POST
H3 204 AGSKWxUY7L-KgI0y5q0fQ0fWVVsnCF2fragRJXZtGFXJmxT36MKy0FGBN6cd6OsctHwVZ2TanIKessY66uXMucaYeBbJ_2LtLBmWKcXJZ4lpy1824onhadprrOL2xV99scmbdKimKUoIWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 107ms
45ms XHR
text/html 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUY7L-KgI0y5q0fQ0fWVVsnCF2fragRJXZtGFXJmxT36MKy0FGBN6cd6OsctHwVZ2TanIKessY66uXMucaYeBbJ_2LtLBmWKcXJZ4lpy1824onhadprrOL2xV99scmbdKimKUoIWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-esj7IjV60QH1Y2A4IPRFFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-esj7IjV60QH1Y2A4IPRFFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1gDgFiIh2N71_4NbAIPJn87ywgAxMcMgw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gbhackers.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

813a9da88cc84e44179793350fbb6a6b40abf18d22f2f76e36c66cc0fd94127a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v11aa7"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Selling GlorySprout Malware with Anti-VM Features in underground Fourm for -300.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142443
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB736YNK0MvQ-PTcDJ3R3SmtlyX674WBUt9s5BExQ8ZKDVcwfRGdLeKeTGhlIOcgkGSa8ajm0xkBPc58AUcAS_bS_FfDwA_11tUyTPknTg9bEB8MlZGtMMW9JuQx1ePt9Vcmci-NHWIZSP3fXX... 147 KB
147 KB 185ms
185ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

011a8c8b1b3d5722b6aa2d187760ccd9ac7ff9462752e82ee751f4bd9f98062e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v5fe1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DarkGPT.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150456
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg17A_oALoLP0gwSdRl8Hl26a70ZPsuZ5W7SiXHfMbiD_wol_DuoG2kIwznxM-BbFrPqCd4asUwaj9-PvCK0CnstMFVIK2CzVlYvAQ1GSSYUxGsjWFBG44FTk-0M0ofpcKklayXZU36bpL1BxFI... 215 KB
215 KB 193ms
193ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

e5fd4135b9fed3117cc72d513de44282552e74827feaee066db3eaebdfababff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v5fd9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="OPENCTI.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 220279
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

e1daed7585bc293820acb57e74a3287914d528b0e7498e0c84c3937aa9d8337b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v23ca"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FVYI (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239173
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

37f091b9aaae8861e01cc9909dd8272407570813598bdfe331478310330dea68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b4"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PandaBuy Data Breach (1) (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 465956
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0ZJWAjATKvSLE0uC665RkHCQVYpxx74ve8UVYlPeWzblmJq_ks1dXWDQfyjmL7nVuKNM57Pz2yFbE8dMTgnqLDQfNv-o69vuoQy8gGyRz167BMwL6BndxwZcLH_k-_rs4Zz1-Svdb34FHaefZ... 177 KB
177 KB 177ms
177ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

45cc19afb491320b6ec73d6834a48bedc1c5c20248b0fb54f1eff00a87e9b487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v60bf"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="How to Analyse .NET Malware.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181016
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNX5xOWq2Fp17Au-t1vhBBCmRfLUjA1tCvrRVRFU5P0TRODrxe455ESVOYhIqzuRWP0Zb-mHEN-bW6Ddp_8OWeCIQHD2uRo18ai7cFDP1cSJbxgTQb2cZNNIjJ5IzCxngHLGCXAv0Go8SFbcR9... 208 KB
208 KB 171ms
170ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

e72d32cd3a40b21844496f0a26a11e65c29b314155efb0a32bc0df1374aeacec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v60a1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="What is Global Threat Intelligence.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213335
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:39 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNX5xOWq2Fp17Au-t1vhBBCmRfLUjA1tCvrRVRFU5P0TRODrxe455ESVOYhIqzuRWP0Zb-mHEN-bW6Ddp_8OWeCIQHD2uRo18ai7cFDP1cSJbxgTQb2cZNNIjJ5IzCxngHLGCXAv0Go8SFbcR9... 208 KB
208 KB 181ms
181ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

e72d32cd3a40b21844496f0a26a11e65c29b314155efb0a32bc0df1374aeacec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v60a1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="What is Global Threat Intelligence.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213335
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:40 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

d0586a5d038863d70aa30cafc9b0aa9f125052f6fa0bd9ec09e926be52363852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v2306"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="CISA & FBISQL Injection Attacks (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215876
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:40 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

813a9da88cc84e44179793350fbb6a6b40abf18d22f2f76e36c66cc0fd94127a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v11aa7"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Selling GlorySprout Malware with Anti-VM Features in underground Fourm for -300.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142443
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:40 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

e5fd4135b9fed3117cc72d513de44282552e74827feaee066db3eaebdfababff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v5fd9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="OPENCTI.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 220279
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:40 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

e1daed7585bc293820acb57e74a3287914d528b0e7498e0c84c3937aa9d8337b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v23ca"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FVYI (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239173
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:40 GMT

GET
H3 200 s1600
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0ZJWAjATKvSLE0uC665RkHCQVYpxx74ve8UVYlPeWzblmJq_ks1dXWDQfyjmL7nVuKNM57Pz2yFbE8dMTgnqLDQfNv-o69vuoQy8gGyRz167BMwL6BndxwZcLH_k-_rs4Zz1-Svdb34FHaefZ... 177 KB
177 KB 195ms
194ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

45cc19afb491320b6ec73d6834a48bedc1c5c20248b0fb54f1eff00a87e9b487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v60bf"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="How to Analyse .NET Malware.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181016
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:40 GMT

GET
H3 200 /
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz5C78F5CfLGFskf2qYopY6q8G-jIc3A7gN6JpGOQrx33V_Die7JmcGoeSsvQGIXVkr9HiQLSOQ4xGh9pvfT3Ey05eK-rAgwChfZ80zG9TWsA2v7hkVZ3mWyAc8vugqm0V5sDtftgG40HiDQT9... 455 KB
455 KB 193ms
193ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

37f091b9aaae8861e01cc9909dd8272407570813598bdfe331478310330dea68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gbhackers.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 09:32:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b4"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PandaBuy Data Breach (1) (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 465956
x-xss-protection: 0
expires: Sat, 06 Apr 2024 09:32:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: staging.gbhackers.com
URL: https://staging.gbhackers.com/wp-content/uploads/2023/08/2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg

Domain: staging.gbhackers.com
URL: https://staging.gbhackers.com/wp-content/uploads/2023/08/2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg

Domain: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=26628263&counter=bottom&xdOrigin=https%3A%2F%2Fgbhackers.com&xdChannel=440626ea-5476-426c-8ee8-b2a60280b1a7&xd_origin_host=https%3A%2F%2Fgbhackers.com

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gbhackers.com/	1970-01-20 19:41:22	Name: _lscache_vary Value: 9e59cab51106babe21d610b1d21d0b3a
.gbhackers.com/	1970-01-21 04:24:05	Name: cf_clearance Value: Mo6EKJAKl8nxf6.vFPAnChQqvgkywp5.R.0BoHDMBgM-1712309558-1.0.1.1-JbDdpaScfOUioSR6bmfvfovyf1CNkZNWoqJkGMEzCKWKDA19HcbfXiDU5Pn_K7VfZN0oQDtgOV4R6hYjv5As5Q
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=it-it
.linkedin.com/	1970-01-21 04:24:05	Name: bcookie Value: "v=2&07af0169-d8f0-416f-8073-8fe9a4f4bc26"
.www.linkedin.com/	1970-01-21 04:24:05	Name: bscookie Value: "v=1&20240405093238d6654246-92f5-418f-86c6-5cb8b392d682AQHR77aSs0zND0lynkouOu8i53OPB1hE"
.linkedin.com/	1970-01-20 23:57:41	Name: li_gc Value: MTswOzE3MTIzMDk1NTg7MjswMjHyeXDWBnIJlWJE4+4cJz7z01ZrSfgOhQYIuWhsB1Bm3g==
.linkedin.com/	1970-01-20 19:39:55	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2988:u=1:x=1:i=1712309558:t=1712395958:v=2:sig=AQGzL5uaHOe_dpaUFriPoEI7P-8WRF7J"
.www.linkedin.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: ajax:0768928621588542726

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://staging.gbhackers.com/wp-content/uploads/2023/08/2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://staging.gbhackers.com/wp-content/uploads/2023/08/2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gbhackers.com
pagead2.googlesyndication.com
pixel.wp.com
platform.linkedin.com
staging.gbhackers.com
stats.wp.com
www.linkedin.com
staging.gbhackers.com
www.linkedin.com
142.250.184.225
142.250.184.227
142.250.185.130
172.217.18.10
172.217.23.110
172.67.165.236
192.0.76.3
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:4700:3030::6815:22df
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2001
2a00:1450:4001:831::2003
011a8c8b1b3d5722b6aa2d187760ccd9ac7ff9462752e82ee751f4bd9f98062e
029933e9acffa3d306253574c7f69ca044b74f625bac6392b06e2dc84a0358bd
02f67d9f8a87c9036501019ad82cf0a92d0e96cff6f53b50472e03cb63a1e4b1
03deb4ed102a3ca69f102ed6730c2f6b9319153d194d5ec9a99542d74827a7b2
044b9004e46220784d44a6895d065bbb35c6d2670f78864028f5772d36a435d4
046717d70366ca33bb3789d121ca3e84583e66c783b6dd879da77994cc77a16d
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
0fc4360c0a29af7e975e2ad9dc76f951e49628535a6de8003b5675d428e353c4
0fc932db7b3583cbf6cf410320533f1425065b01461f0c27df00620d4bd90b22
171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d
1f19c000fe1b1715012ac71db0577184e5a11cc076eb9cc982d50fc85da514e7
1fcf6fe53e66f96bcb2ea0880cd46f587d94cb50ce0eeae6782c27a406ad18b1
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37
28906b80ce4b76dcbfe1556ae56425fbed27ffe33a12e231d3666999b31fbed0
2917d90e5e1d1ce32a0753b48bcadb8c98c4a2a7e0f060f3bee0d45d51373b2a
2a31a33fc31ae7a9514ac25ccd3288f9ee2fbfbbd33b07f58f694e207876bdf1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f5051a07adfe84961a249a56d110337dc4eb55ea2658717428ce56568040ef4
2f58f5d342a41abc139d42631fd369e9a97897d9200285c6b10a1ad9a0c5984f
307e1a72eca0e7c2e8a53eccc42fc2d5e7216f4be4885be44f5e7be00e628d10
340924ac682298d8171157183f263c3d23c29b099cb7a6b30569dcd86e75bf6c
365a7c759d3a271b6264f90c6d17a3e8e267fe7a2d2957a3c2c0a3fdc1f3a392
36fa7ec483adc206a0b0ec5e6aa360d6889efffaa0655729b36513ca6aa28dec
37552f69514fecd835ff9c729be34b76f064fd722ce5bdeea316015fde5ac027
377c6ff40baa6809e53141e4acc95ed81bd3ad9cc6da10902b8210dc4fd0dd82
37f091b9aaae8861e01cc9909dd8272407570813598bdfe331478310330dea68
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ea33bb1565c64b033be9f6e65ebeff13d03459f6d8d3fe0568cf14913b74bcd
45cc19afb491320b6ec73d6834a48bedc1c5c20248b0fb54f1eff00a87e9b487
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
475e323ad43e724edb8dc1e858f32be570f2d5a512258c946b1e77cb3e229bca
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
55bb04602ae986447ad2ad326f7f488f19774fb25d5bb7dd2b8b4c2cf3b1d8e3
56ace8c687c483fb59812152c9e50034deb2d1ecf740a3c9c0382755602db0b4
58c9036182f1abf8206d66e8d47e137b5d7f16f2b1b622a26cf0158c3c92ec13
5dd72d8b5bf9f8c3258b1f03ada2d91803962e4b53f262b13ebd590af9e72411
5fdafe9fde8079e642543015edef9f6d7280f857b2e85a1d44c70814e9dc4239
63a25c20c064693a13d2aef621ffb2f0f88c3f43659a7d061d909dc5889217f5
68b050b8c4f4888f7d333857203194247a00771e29743c2754397f8f40453303
73f5ed5132b2f16e83906cdafeb4b12d5d047e7474527c9020df0312df6ba816
77354ca62527481a286e45fd43fadc4efcf0400e6f5d10b5432a6a44c29f7352
7a446d93bc6bc19aa9138ca782bb451cb79b8879cf319e06beaf41a8dbc95f6f
7a78bf60ab0300f1e16015882cf8d7bdd67d54fc2ef6dc9f527326f856bfc3e7
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
813a9da88cc84e44179793350fbb6a6b40abf18d22f2f76e36c66cc0fd94127a
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84c0fa68ee2db40f022744b0df40c9642364978814babe80631ee14649c57a3c
8cec0568b8c5294b0ae8b686b0803c9ded43d2c8bef916e8e72def00d89af188
8e777db5e9a7d5fbefcd517543d8fdff46eed7e9d8fd7f9aeb4d5c3b23ae5f62
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e
98a9871b1d3a0a44ad7e7de96d6af7a365c9c86f7524358189169ba2724ed6a4
9b1748d8cea8b7f3eeace07cef59dfb618e116d46b2a1bd8cdab1bdbcf716590
9cb148fbeef424f88bde406f8ed5af4f0156ebb3c7373a1fe3edb34cf06396a2
9fda5ff8910b86411087b7c4c614e66b41eea77a892c9e816840f46c5fb8e9d2
ab69fe117a6f3ae759c1227cef6772ee7a57fbce680919e1747961da5c79c559
adb65669c9ada12a5c7a102979d8bf26cb39baeb296e836bc06ea6f0c8ed4f4f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b737bbcb918222a6ed12201a36fb3770107c3b7f24e939ecced9088d12709e31
b9bec247813fe14c962c6478d9c1e4d521be73d4261aa6e63adca81f873a5564
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbd85d9238e9e46bc45da79f2814000dd43b574f2cbcd4533bf005899b214bdd
bcbde902aeee47576a8c295bd6fe410dbf7d0c528c811d5d45cb681ce4948620
bf2defb9660abeee3ab31471e8ef505caeedae433761e78398015fff073073ef
bf954a11c84ec5d605049bf35e35b461a6ec577a5da37a119361479693da96e3
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb978b753755834b23783cb48a512f099cee571a35418efdac64ed162049617d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cebeb638f6380a3fa66e608729ebc1c3465ca44015908222c0722e81502261cf
d0586a5d038863d70aa30cafc9b0aa9f125052f6fa0bd9ec09e926be52363852
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d32442891dcae36d8ca84ef307be3534ec1bb25f0b72a290446e50560a877692
d5542c4510ca401b310518148c408ba1c52a97e35ac3a0dde456230b6894a6ed
d6a516cf3cb5a08c5e453a990e1b850b1973935e6cf161643c51fb0a16a68fc2
e0d49a8f03d0407fedabe49d6db487ad62e4d387c595bcf2a88b623de11fa0e1
e1daed7585bc293820acb57e74a3287914d528b0e7498e0c84c3937aa9d8337b
e22c46011b6b9a23b7219e2ed6a78aa06e0d6fb0c274166ecc7ba412f020b12c
e31bf40318fce87f5b8a8999365af943e10bc5bd4be28a822fc5bc35df475c5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a37cd111f96d393d31dcba0f281b16903bf1a7b7c916aab33a5bdd198ae890
e5fd4135b9fed3117cc72d513de44282552e74827feaee066db3eaebdfababff
e72d32cd3a40b21844496f0a26a11e65c29b314155efb0a32bc0df1374aeacec
ecba522e21f028876f1fc704be1e556219bf10441cfeb62ec6c8cff8c95a0a5d
f01bde1680dadef452c21e70737b5e2ba5d2135da93dc5188905597365f90b9c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5a19169357b9ffe3b21c07af6a32d873741ae7b3f9755657d9b5cde2c3b145c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f673a75425ee830fcc673d78d84c447f683225a8296f4eb6f61895593cc9b3a0
f707ceadbd61beb3bfc61ead64285db6b406973452de1bb554cfbdd24186d198
fa8df60509099c7d521094fd56da4d97fda88293fd80228dfcf1b4e45e425221
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

gbhackers.com Open in urlscan Pro 172.67.165.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

96 %HTTPS

50 %IPv6

8 Domains

11 Subdomains

15 IPs

2 Countries

18095 kBTransfer

23207 kBSize

8 Cookies

12 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gbhackers.com Open in urlscan Pro
172.67.165.236 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

96 %
HTTPS

50 %
IPv6

8
Domains

11
Subdomains

15
IPs

2
Countries

18095 kB
Transfer

23207 kB
Size

8
Cookies

159 HTTP transactions
18 data transactions