labs.guard.io Open in urlscan Pro
162.159.153.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8...
Effective URL:
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8...
Submission: On March 27 via manual (March 27th 2023, 10:52:23 am UTC) from RU — Scanned from DE

Summary HTTP 104 Redirects Links 63 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 104 HTTP transactions. The main IP is 162.159.153.4, located in and belongs to CLOUDFLARENET, US. The main domain is labs.guard.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 14th 2022. Valid for: a year.

This is the only time labs.guard.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	162.159.153.4 162.159.153.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 77	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b902:129b:52d8:409e:22a7	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.80 108.138.17.80	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:f400:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:249... 2600:9000:2491:dc00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
104	8

18 162.159.153.4 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

labs.guard.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

77 2606:4700:7::a29f:9904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b902:129b:52d8:409e:22a7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-80.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:f400:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2491:dc00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 10702 glyph.medium.com — Cisco Umbrella Rank: 20448 cdn-client.medium.com — Cisco Umbrella Rank: 21158 miro.medium.com — Cisco Umbrella Rank: 15870	1014 KB
18	guard.io 1 redirects labs.guard.io	57 KB
5	branch.io cdn.branch.io — Cisco Umbrella Rank: 985 api2.branch.io — Cisco Umbrella Rank: 661	24 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	datadoghq.com browser-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 5479	229 B
1	app.link app.link — Cisco Umbrella Rank: 2007	594 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	6 KB
104	7

	Domain	Requested by
53	cdn-client.medium.com	labs.guard.io cdn-client.medium.com
18	labs.guard.io	1 redirects cdn-client.medium.com
14	miro.medium.com	labs.guard.io
9	glyph.medium.com	labs.guard.io glyph.medium.com
4	api2.branch.io	cdn-client.medium.com
2	www.google-analytics.com	labs.guard.io cdn-client.medium.com
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	labs.guard.io
1	static.cloudflareinsights.com	labs.guard.io
1	medium.com	1 redirects
104	11

This site contains links to these domains. Also see Links.

Domain
rsci.app.link
medium.com
www.linkedin.com
www.guard.io
www.facebook.com
developers.facebook.com
help.medium.com
policy.medium.com
itunes.apple.com
play.google.com
guard.io
markwschaefer.medium.com
praveenjalasutram.medium.com
infosecwriteups.com
tomsmith585.medium.com
medium.statuspage.io
about.medium.com
blog.medium.com
speechify.com

Subject Issuer	Validity	Valid
labs.guard.io Cloudflare Inc ECC CA-3	`2022-11-14` - `2023-11-13`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.branch.io Amazon RSA 2048 M01	`2023-02-21` - `2023-11-09`	9 months	crt.sh
appipv4.link Amazon RSA 2048 M01	`2023-02-24` - `2023-06-23`	4 months	crt.sh

This page contains 1 frames:

Primary Page: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
Frame ID: E31EDD2E8D7E1C0EE1ACF51BC5611C79
Requests: 103 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

“FakeGPT”: New Variant of Fake-ChatGPT Chrome Extension Stealing Facebook Ad Accounts with Thousands of Daily Installs | by Guardio | Mar, 2023 | Medium

Page URL History Show full URLs

https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-ac... HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-va... HTTP 307
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-ac... Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

104
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

1121 kB
Transfer

3254 kB
Size

11
Cookies

63 Outgoing links

These are links going to different origins than the main page.

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F4c9996a8f282&%7Efeature=LoOpenInAppButton&%7Echannel=ShowPostUnderUser&source=---two_column_layout_nav----------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&source=post_page---two_column_layout_nav-----------------------global_nav-----------
Title: Sign up

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&source=post_page---two_column_layout_nav-----------------------global_nav-----------
Title: Sign In

Search URL Search Domain Scan URL

URL: https://medium.com/?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---two_column_layout_nav-----------------------new_post_sidenav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/search?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F6a038e71ff0f&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&user=Guardio&userId=6a038e71ff0f&source=post_page-6a038e71ff0f----4c9996a8f282---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F4c9996a8f282&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&source=--------------------------bookmark_header-----------

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/natital/
Title: Nati Tal

Search URL Search Domain Scan URL

URL: http://www.guard.io/
Title: Guardio Labs

Search URL Search Domain Scan URL

URL: https://www.guard.io/
Title: Guardio

Search URL Search Domain Scan URL

URL: https://www.facebook.com/chatgpt.google/videos/719341863011965/
Title: Facebook-sponsored posts

Search URL Search Domain Scan URL

URL: https://developers.facebook.com/docs/graph-api/
Title: Meta’s Graph API for developers

Search URL Search Domain Scan URL

URL: https://medium.com/tag/chatgpt?source=post_page-----4c9996a8f282---------------chatgpt-----------------
Title: Chatgpt

Search URL Search Domain Scan URL

URL: https://medium.com/tag/browser-security?source=post_page-----4c9996a8f282---------------browser_security-----------------
Title: Browser Security

Search URL Search Domain Scan URL

URL: https://medium.com/tag/facebook?source=post_page-----4c9996a8f282---------------facebook-----------------
Title: Facebook

Search URL Search Domain Scan URL

URL: https://medium.com/tag/chrome-extension?source=post_page-----4c9996a8f282---------------chrome_extension-----------------
Title: Chrome Extension

Search URL Search Domain Scan URL

URL: https://medium.com/tag/cybersecurity?source=post_page-----4c9996a8f282---------------cybersecurity-----------------
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F4c9996a8f282&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&user=Guardio&userId=6a038e71ff0f&source=-----4c9996a8f282---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F6a038e71ff0f%2F4c9996a8f282&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&user=Guardio&userId=6a038e71ff0f&source=post_page-6a038e71ff0f----4c9996a8f282---------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Ff776b280f31b&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&newsletterV3=6a038e71ff0f&newsletterV3Id=f776b280f31b&user=Guardio&userId=6a038e71ff0f&source=-----4c9996a8f282---------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/crypto-scam?source=author_recirc-----4c9996a8f282---------------crypto_scam-----------------
Title: Crypto Scam

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F730944bbbfe6&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fstreamjacking-hijacking-hundreds-of-youtube-channels-per-day-propagating-elon-musk-branded-730944bbbfe6&source=-----4c9996a8f282----0-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/new-story?source=post_page_footer_cta_write-------------------------------------
Title: Write on Medium

Search URL Search Domain Scan URL

URL: https://medium.com/tag/chatgpt?source=author_recirc-----4c9996a8f282---------------chatgpt-----------------
Title: Chatgpt

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fd00ef9883d61&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Ffakegpt-2-open-source-turned-malicious-in-another-variant-of-the-facebook-account-stealer-d00ef9883d61&source=-----4c9996a8f282----1-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/chrome-extension?source=author_recirc-----4c9996a8f282---------------chrome_extension-----------------
Title: Chrome Extension

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F719e3af4f97f&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fcritical-vulnerability-discovered-in-evernotes-chrome-extension-719e3af4f97f&source=-----4c9996a8f282----2-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/malware-analysis?source=author_recirc-----4c9996a8f282---------------malware_analysis-----------------
Title: Malware Analysis

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F2496af43b89a&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fisotonic-2-the-army-of-bots-2496af43b89a&source=-----4c9996a8f282----3-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/tag/malvertising?source=author_recirc-----4c9996a8f282---------------malvertising-----------------
Title: Malvertising

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F42ae73ee8a1e&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Fmasquerads-googles-ad-words-massively-abused-by-threat-actors-targeting-organizations-gpus-42ae73ee8a1e&source=-----4c9996a8f282----4-----------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----4c9996a8f282--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----4c9996a8f282--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----4c9996a8f282--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----4c9996a8f282--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----4c9996a8f282--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----4c9996a8f282--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----4c9996a8f282--------------------------------

Search URL Search Domain Scan URL

URL: https://guard.io/
Title: https://guard.io

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F6a038e71ff0f&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&user=Guardio&userId=6a038e71ff0f&source=post_page-6a038e71ff0f--two_column_layout_sidebar-----------------------follow_profile-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2Ff776b280f31b&operation=register&redirect=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&newsletterV3=6a038e71ff0f&newsletterV3Id=f776b280f31b&user=Guardio&userId=6a038e71ff0f&source=---two_column_layout_sidebar-----------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://markwschaefer.medium.com/?source=read_next_recirc---two_column_layout_sidebar------0---------------------c7e6a43d_d836_4cb2_b77e_1039a72f50ea-------

Search URL Search Domain Scan URL

URL: https://markwschaefer.medium.com/20-entertaining-uses-of-chatgpt-you-never-knew-were-possible-3bc2644d4507?source=read_next_recirc---two_column_layout_sidebar------0---------------------c7e6a43d_d836_4cb2_b77e_1039a72f50ea-------
Title: 20 Entertaining Uses of ChatGPT You Never Knew Were Possible

Search URL Search Domain Scan URL

URL: https://praveenjalasutram.medium.com/?source=read_next_recirc---two_column_layout_sidebar------1---------------------c7e6a43d_d836_4cb2_b77e_1039a72f50ea-------

Search URL Search Domain Scan URL

URL: https://infosecwriteups.com/?source=read_next_recirc---two_column_layout_sidebar------1---------------------c7e6a43d_d836_4cb2_b77e_1039a72f50ea-------
Title: InfoSec Write-ups

Search URL Search Domain Scan URL

URL: https://praveenjalasutram.medium.com/how-i-earned-my-first-bug-bounty-reward-of-1000-9dc6643977e4?source=read_next_recirc---two_column_layout_sidebar------1---------------------c7e6a43d_d836_4cb2_b77e_1039a72f50ea-------
Title: How I Earned My First Bug Bounty Reward of $1000

Search URL Search Domain Scan URL

URL: https://medium.com/@jcarlos29p?source=read_next_recirc---two_column_layout_sidebar------2---------------------c7e6a43d_d836_4cb2_b77e_1039a72f50ea-------

Search URL Search Domain Scan URL

URL: https://medium.com/@jcarlos29p/how-i-made-5-per-day-in-passive-income-with-an-android-app-717604821888?source=read_next_recirc---two_column_layout_sidebar------2---------------------c7e6a43d_d836_4cb2_b77e_1039a72f50ea-------
Title: How I made ~5$ per day — in Passive Income (with an android app)

Search URL Search Domain Scan URL

URL: https://tomsmith585.medium.com/?source=read_next_recirc---two_column_layout_sidebar------3---------------------c7e6a43d_d836_4cb2_b77e_1039a72f50ea-------

Search URL Search Domain Scan URL

URL: https://medium.com/the-generator?source=read_next_recirc---two_column_layout_sidebar------3---------------------c7e6a43d_d836_4cb2_b77e_1039a72f50ea-------
Title: The Generator

Search URL Search Domain Scan URL

URL: https://tomsmith585.medium.com/google-bard-first-impressions-will-it-kill-chatgpt-59c16ae76e3e?source=read_next_recirc---two_column_layout_sidebar------3---------------------c7e6a43d_d836_4cb2_b77e_1039a72f50ea-------
Title: Google Bard First Impressions — Will It Kill ChatGPT?

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=---two_column_layout_sidebar----------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/?source=---two_column_layout_sidebar----------------------------------
Title: Status

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/?source=---two_column_layout_sidebar----------------------------------
Title: Writers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/?source=---two_column_layout_sidebar----------------------------------
Title: Blog

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e?source=---two_column_layout_sidebar----------------------------------
Title: Careers

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=---two_column_layout_sidebar----------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=---two_column_layout_sidebar----------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=---two_column_layout_sidebar----------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://speechify.com/medium?source=---two_column_layout_sidebar----------------------------------
Title: Text to speech

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282 HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282 HTTP 307
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282 Show response
labs.guard.io/
Redirect Chain

https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

189 KB
44 KB

543ms
543ms

Document
text/html

162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1759305834cedeed5848075000d38fa180ea9461d26b6c2f7d1fe0dc41c37b87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ae715390c3b9265-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Mon, 27 Mar 2023 10:52:16 GMT
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, lite/main-20230327-071906-014b73d21d, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
medium-missing-time: 264
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 376
x-request-received-at: 1679914336255

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ae7153808e537ea-FRA
content-length: 0
content-type: text/plain;charset=UTF-8
date: Mon, 27 Mar 2023 10:52:16 GMT
location: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 13

GET
H2 200 unbound.css
glyph.medium.com/css/ 18 KB
1 KB 57ms
47ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1073
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=7200
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7ae7153c98e137ea-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Mon, 27 Mar 2023 12:52:16 GMT

GET
H2 200 manifest.476fcf85.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
6 KB 50ms
30ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7798b932189586c10476725680d487c508de89bd1824df1b58d78e84af8430

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: 0OrmtMQvKUaqbmWtrWbFxk.t13JGzU4C
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GK6R4MVGKX8QMZ9M
age: 219332
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xP4qwoN9mHBNGoIxDaUgST+n+leU8fEpq+NUIa9d0IG3NBfSMezi+/h1PWApi+UlkeqgAFepQcc=
last-modified: Fri, 24 Mar 2023 21:17:16 GMT
server: cloudflare
etag: W/"1c6d35d2b000df4685401a90ad245941"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb94d37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 105.9e1f764a.js Show response
cdn-client.medium.com/lite/static/js/ 762 KB
230 KB 66ms
46ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5672352c6067919339803100571f773db22963c9a71b4a3e075f973655169dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: 1_IvNAK.i8OURs1ZHqipkYZXczu3tXI9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: PYVVQJHMB3N6F8WM
age: 250397
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: s1AgziJRoOBHoUHlqkjFgFht1dcDBmY2aJIrhi7BmqSvDZt0pCUo95gGwPaRNoH29nZLFEaX1fg=
last-modified: Fri, 24 Mar 2023 11:02:27 GMT
server: cloudflare
etag: W/"67aeb98535cc8867073b117116fe3d4e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb96637ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 main.5b51cc7a.js Show response
cdn-client.medium.com/lite/static/js/ 770 KB
189 KB 64ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

109305b83312289d5b5026f82598c22c14fc16fa6c973ddbe8e049b59b27ae98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: iUr0ItycaMCfZsL.q78gtGOOE9q07K4b
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: MNK421M673S36VQ3
age: 11340
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: txpV2EuY6nB6AXTN26Rm4KSff2trebmdbm/BEfVADzGnBYG5Efi9MHrOQ5lhqOXqqXrhrraj/WA=
last-modified: Mon, 27 Mar 2023 07:28:46 GMT
server: cloudflare
etag: W/"93d02494959f0be02ecc49a0ed769a75"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb95437ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 instrumentation.c71f0248.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 81ms
62ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.c71f0248.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: 5yZx.RXNRFD2wk5kW8slm2OPTbsuZqQM
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 835SQSN2WCD6BDVB
age: 1062555
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: CIbKMR+t1FwOgWV5FFaSjLXobXH66piRTPGhGH8z/BWltP4A8xUkL0PtGWirKXHw6vOBEepMsnQ=
last-modified: Wed, 07 Sep 2022 22:21:02 GMT
server: cloudflare
etag: W/"1c4019035217766e8fa41b4d396c90c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb96c37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 reporting.bbdcaa9d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
995 B 56ms
37ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.bbdcaa9d.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: hDbV.8OiTMB.Vn8rqDBCJ.dxBb4bMoaR
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2R4YTKBCDDS6HF3J
age: 1062555
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hpLJFwZLVe3kLMmVyN1xu6SbW8NO3o//weOaZ5BXpjjUY6yHS7cvPj69YBWyN1dhbN/YbQe1UB4=
last-modified: Fri, 01 Jul 2022 00:11:40 GMT
server: cloudflare
etag: W/"72bc359fe3377069bd162b3be6ed3d05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153ca91137ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 5642.36172d8f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 65ms
46ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5642.36172d8f.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32579933fa7409a851f4fed587cb4a19111bf097eb787ba275666500c1dc1596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: N5zfrX_fPDUkHADIaE9IDKP_E9o4ZXJV
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YR1ZGVFT1MNTYCTH
age: 318706
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jMGCKZpGzM44arO02in2I0BYsPyPlVIFsc5ZXNzHfQBw3KY8qagbEVElI6vDQVHafDsuyPG4Eyg=
last-modified: Wed, 08 Mar 2023 20:47:45 GMT
server: cloudflare
etag: W/"96030f693a075a8ed90e715174adf06f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb95737ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 799.361fd2fb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 30 KB
13 KB 57ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/799.361fd2fb.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03339318237f203c39972793a5232b2c94f3ea7a2c814641ae62660d8dd6e02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: QMhsOw..2z7t_WH9w.ZD6x4nreWG.vQr
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QG33HRZ7DN7FBY2W
age: 577098
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JKaC1fn4iEDQS+SX7HMP5xGUVhmcDNQ9Cn4YrY0Sl/YORAv8Dp0FrFoMP3GMpoaYgZuLl5TdcGQ=
last-modified: Fri, 03 Mar 2023 20:16:01 GMT
server: cloudflare
etag: W/"3064a40f043f886dcc4f589b5706495b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153ca92337ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1860.abea291f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 57ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1860.abea291f.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6173a1b363b6bffdf4ec8d533f260644b17cc6f8a747f2d4f529795a3cdf0c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: uS1tfjVEi120fx7YYvwb1tmcC69xBC_N
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CKH6YE43QJ55AQA6
age: 575396
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Q2BPbM1yg27+tTLenM0rnN6OFZaeLeGLVxQ+u+6Q13qKVuysDCpWVYYfoGtG4AKACwHCX1oWUp0=
last-modified: Fri, 06 Jan 2023 21:37:55 GMT
server: cloudflare
etag: W/"85d86a66b898bcf1f697adede4c175db"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb95f37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 3838.7ae103cd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
3 KB 62ms
43ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3838.7ae103cd.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0573eb7e1b3f0dbaad578ead6eb03bfbd6280ae5d9a2827ad95b260717410939

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: 2W.hiqflZMS1Uu78pZoO3HKgXmMTqecm
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CKH3FJ3BAV5QG9A3
age: 575396
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZaIhFcLEkMb+8UMOJN8mZZ39MZMo1pkb+NEaDWNgT/xigPBH6WegPId2pY/Uacn7Qn7xh8faisc=
last-modified: Mon, 06 Mar 2023 18:50:07 GMT
server: cloudflare
etag: W/"7be8dacf1eb69da190ae2840037680db"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153ca92b37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 2905.c789e347.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 57ms
39ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2905.c789e347.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6c7af4cf38f7cf7c3f086b94b3c188b80a3cd014d34b6d090cea7ab1bb83013

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: 8tt6f_6G9YsHe4BJj_fx505leBX78r5k
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: VW6RZVTS4NQAZBF8
age: 605776
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ooJ+PO9SoQ+VcpRoQbSXhTSPrV8a5lo1UIax/dCDUUEgX2DCjayB1BigKT72Ska8OO/CHDa3hX0=
last-modified: Fri, 17 Mar 2023 18:09:55 GMT
server: cloudflare
etag: W/"9b3e0c0bbf65a58c2460c99fac05466e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153ca91e37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 8007.e7e42be3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
1 KB 73ms
55ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8007.e7e42be3.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4a152dbc443cb2190ebe669b3604fa97bae75f8012b0364ffb2ff2d4def713

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: GCST7lvuIH0KJ0ZTnx.wLhYNBstOq8pl
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QG36YP10HMAVEYNT
age: 577098
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: tF5q+jafuBhzt+0SKoPKSaq6cCgnwGVA4BcgHoYQA16tBd96pb0AZZKir5g/qPdcj909ZK37kkA=
last-modified: Fri, 03 Mar 2023 20:16:01 GMT
server: cloudflare
etag: W/"70cde53a50943875dc8cdadc6cc02d19"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb94a37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 8695.ac0f83b3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 65ms
47ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8695.ac0f83b3.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50a979f6e8a062abeacd9791b81cbedbe908659d6bc12d73f1102167bfc41937

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: QHLtf7kDTyQGy0BXV0UCGe3J0J3T3OiS
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QG31NKHVD77TXP3A
age: 577098
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FqYubMp9+/5UC9f6/cfezA9WW3lwATrYE6pbEFHLrK++2E+q+nJaEbWJTsqOteFXOGM5O35IW2o=
last-modified: Fri, 03 Mar 2023 20:16:02 GMT
server: cloudflare
etag: W/"de93ef1b6b3aae9065a3d952e34db489"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb96837ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 8.5980bcd4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
7 KB 54ms
36ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8.5980bcd4.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17b661a486215879018ecdf2463102d385f2c4fb74558fd15582e9f4844523d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: pJvmeAlpCD1R.goLN3jYFb7dMtAGD1zw
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CSJ5NY1QV5J2JWQP
age: 924616
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: rFAMOZJmj+HO0YhJ4cJXyBRSKJbo7tCfv1y49srFaSbQakg/7BJ77llXjtWzlAVP84vXnp873Yw=
last-modified: Thu, 16 Mar 2023 13:52:09 GMT
server: cloudflare
etag: W/"90db6c8a443715167c389219177065f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb95e37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 9683.eb71cf3a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 38 KB
9 KB 70ms
52ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9683.eb71cf3a.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b32f55e453df9dafb38e1526d6df303dad3082f9c3af5d02e051d43cc3fb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: wJPPlW7zXhFKkO.Zm5Mb8nkuPPYKcotk
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: J8HKT1258VNQSAQR
age: 406405
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: RmLpAg1fY9GfonyGDZgXgAYm14tbDuv17t4a/X0jmroeuAu8Ydgx3nYhne3K6qIWO87L7vKlIvQ=
last-modified: Mon, 20 Mar 2023 21:31:22 GMT
server: cloudflare
etag: W/"96f15df28268013294d7b40f7eb4d18a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb95137ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 9174.61ecc422.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 98 KB
28 KB 54ms
36ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9174.61ecc422.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c4e5c4fd526522c11301d87d90cd21092dbef86faeb8bc73c2b53331cefdf8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: xihLu7.5PboeJBp.CstIOqPBG6JyBE6u
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YXV1KQ7SYERF4NM5
age: 237328
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HiRqb7NgnOJbDF5EbwnkTc94KjL/97L02zePQTXSYDowNXkHA5Q39pilho9c9CyzFCjnFeSotzE=
last-modified: Fri, 24 Mar 2023 16:47:40 GMT
server: cloudflare
etag: W/"610abbc261c6ea109677d73bcd7b1b39"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153ca91837ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 6714.db481b20.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
4 KB 64ms
47ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6714.db481b20.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987b520121ba6601b336c4173fd71afba7c979fec402177956f0b6f251e63a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: KldbtPfHtgxB1UEFzGJhV1zWUlOu6OjU
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QG3C8562PMX9BCA9
age: 577097
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 7C5CgdcVCYlVG158jTn1odly5FbMzsl6QcYCKTtBYxl2T4p8PQMZRaHynBNkg5yecqkI2FmXDTo=
last-modified: Fri, 03 Mar 2023 20:16:00 GMT
server: cloudflare
etag: W/"fb9c3f0df154ec7314bbcff0cb8c27b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153ca92e37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 5203.23a22ad8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
4 KB 97ms
80ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5203.23a22ad8.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d19349e1a7fc17631e75d4434c94ded800f5bcb8cf8e019abe59369b9e574e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: uD1TB8JyXvDbJEXNxavvZswpYfa1t9.8
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GSFGAJCPCBSTEX37
age: 594598
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: KSOdEcL9rQFokNvNoFX4ZsWX2macqyPYpdFQa87GxIXH5h+v22v6M4Y/vfhgw8+HVRbRocAun0g=
last-modified: Fri, 17 Mar 2023 21:03:22 GMT
server: cloudflare
etag: W/"9fefde6e96381be6edeb30aa4a60c1b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb95837ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 5472.a7dd22a2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
1 KB 56ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5472.a7dd22a2.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53ebfbcc9c25748543c93340d2eb361c3fae51ae63261e01e54758703593afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: gSXxPhc0hcRrksmL2PGhPrVOkWw4VC83
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: TYK0PEA01R37Z2AF
age: 1062555
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /HTy1mXHJwPGew/xYMqQ7tFbF5Jg3lNbiP2FCK1QESRXm8fU5OQ78/pj2bTQ3xJ5WF5PwhIz13s=
last-modified: Fri, 21 Oct 2022 21:04:08 GMT
server: cloudflare
etag: W/"bfe1dd364c3e6da6632a1d6c3b6fb9a0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153ca93037ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 3283.a6b85089.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 84ms
66ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3283.a6b85089.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0134174dae124a376b9eda4f9991d1719140f1dd5743f7039ecee84a9a1293d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: I_v.LHtbKYSdtEHYOIUVOQP4oz3f1I9Z
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CS8SMA8THJMSB0GF
age: 1164306
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UzpV0tLS24dslzmmo7i3j9aeY8bRNATAvYGKK8655fUA/AVGd2OPsDKL3VrWr3yD4zpjQqU/5DU=
last-modified: Thu, 09 Mar 2023 19:34:00 GMT
server: cloudflare
etag: W/"07410328db4630d7647ee936c45e01d0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb96937ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 4129.9a8d63eb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
7 KB 59ms
42ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4129.9a8d63eb.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2911927df6c0a93829e78411112c7814bc7b90ecb78c3656c43d501ce89a0a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: WfRiIovzGKzIBXx4jbOQWkmNpcHVogDv
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KXWK4781GHTPM2HZ
age: 594563
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: RTKe5BLNNRoS16c7G0hzDKiqJ5SbOsF6B/Rt02TBzB0RlDnwMBnbQm4r0DtnARaCP2xF+9mabiY=
last-modified: Fri, 17 Mar 2023 21:03:20 GMT
server: cloudflare
etag: W/"d6fa6c4407818897ed25daf584a5dd7c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb96437ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 8580.e792aa8d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
2 KB 79ms
62ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8580.e792aa8d.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0daa86ae7a8d02fd70a8eed0aef1ab1fd2f012a85ec387c0887a7d943ef6f262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: kH0gCA1zPklX1p7HdhXRjAzllo0ZuTmA
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 97NP9WTTSPYPJT0K
age: 298728
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: gkZ32VVOUNsWMdhEZkImOsBMa8B01QnwFur9jTFX+FsFBMH51j8vsjHJC4fO5io1o00/6YDhdqOSuHk5Lsy3PA==
last-modified: Thu, 09 Mar 2023 20:25:10 GMT
server: cloudflare
etag: W/"66328de0066e00e767538efbd2cf0121"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb96e37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1802.1dde9f90.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 42 KB
12 KB 61ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1802.1dde9f90.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

457c73fda826dc12d4ee8d563ddfbdb3971411032e4d661bd19a4420e6a8bcfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: dCPQw651JTmuRipVQXOrDUxmKAMooi7k
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DT982KTH4KVJTDM9
age: 414960
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jN+RdL7OuGH80be3g+u4Am9ZS1woDWPBTlUO1UxYQWXTLpVQyx8Zf3D7xWMJl2cIQpoYQVkprME=
last-modified: Tue, 07 Mar 2023 19:10:11 GMT
server: cloudflare
etag: W/"bfdb5e419c234024c996b86650621423"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb95b37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 4078.182beff5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
1 KB 55ms
39ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4078.182beff5.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a9538496fc598aef8185ce64a1416f66dbb480363eacd5466477f888985c161

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: xjtc1w3dA5YeyATt8lkc6IY7tO0v2BCH
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 97NSSTE6BHWPZPWE
age: 298728
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: TKMzwc4qqgLaceiuzfHxqsIMLxkgGp4pzOero8twZKE2GR4jbg+iTIkXOaqcSUVPogPR7hY8FNtQJr47gyVkZA==
last-modified: Thu, 09 Mar 2023 20:25:05 GMT
server: cloudflare
etag: W/"46c9eaa275cbf3108a4c9c63c30a6a5a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb94837ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 6636.bb9c6757.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 64ms
48ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6636.bb9c6757.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e908bc0bd99283dd6f61e60a919c277a92763001d3c2d22f2253e4f902b09688

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: BG922tR8apP5JQ1sE5WJmtc2MWHIRJmH
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1J40XQAF95XDM4BM
age: 246174
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: a6KY4Z/VNR212pPHkNDrp7ZGcqet+WYMRnHonNdr72d40mKrKv4Tzx4b6+OblVDoPmlOC8KOt5c=
last-modified: Tue, 21 Mar 2023 13:42:43 GMT
server: cloudflare
etag: W/"60b89ef9e30867adf267926be2e7dc11"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153ca93237ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 5572.8add0420.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
4 KB 47ms
30ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5572.8add0420.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79055c5ced00aaa34cd82639689ff5e0a82479a77deaf5647bd5239839c6d7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: AlXOku2avR3l3zJZpqZ.L1SaWJb6wgew
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1J451Z28FV6T6104
age: 246174
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9vmDELp86Te4oTcoot2qwbzxbMG2DrY+9KMNcqCMGP1HMlzRHyMJGd0BHXi12Avx4nT+GMdt3iA=
last-modified: Tue, 21 Mar 2023 13:42:41 GMT
server: cloudflare
etag: W/"5132974cc54d61854d4c1070bec3912c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb96037ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1743.42985c62.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 54ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1743.42985c62.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7a186a71840944885d3c455f4e3c5b73fcc575b75fcd91f4e111ea512e75b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: lln_mSqQczRjOIEMXIxBEgGqsFD3hyhB
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4MRBKHCZY7DRMFQB
age: 603361
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: KqcGk24OpH7ZWFOxUYIgH34J0m9KAUpMr75iwZBkQ+OBkUzh/p+97sMnOtwWasDQIYIQ+BpiYOI=
last-modified: Mon, 20 Mar 2023 10:25:00 GMT
server: cloudflare
etag: W/"3e107f7798febeec4247918bdd418957"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb95c37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 2455.10b7a1c8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 45 KB
7 KB 63ms
47ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2455.10b7a1c8.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de16b6ad8b62c74f785db80c6cda1da7b480899643c69e482b9c9ca62120aeaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: 3cUTJnmlxB.381ZBLxCamPR_vnOXf37a
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1J408XXDJ7NDHSJE
age: 246174
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: uSfmoxAOEq8/r57gSxXvB7Bm32lm+IkI+SxB2y91Oy/fHxn+l+KWTnJlXLvQu8QiH23hNcmB9e0=
last-modified: Tue, 21 Mar 2023 13:42:36 GMT
server: cloudflare
etag: W/"3db71944554b811509d0cb8fcb3c8d24"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb96b37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 3115.0915c66c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 29 KB
10 KB 51ms
35ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3115.0915c66c.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e0fd5124a43543afad915b027f29bb84fddb17255673cbaaa1f9da33f049ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: w.CfszpRJSjS0Ix1hAt96cjADTSR0jU9
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1J4DAK20GVYE1YVD
age: 246174
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 0qazRS8bXEcdgR7APnw8xfpNmPsD+mzeS2GAqyFtiS9DknkNz43VcDlW0y5vsVla/qbB2N06H38=
last-modified: Fri, 24 Mar 2023 14:06:36 GMT
server: cloudflare
etag: W/"35af4edfa5f1d8defdf955cd0a0ee964"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153ca92737ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 2287.a89f9d21.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
5 KB 59ms
43ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2287.a89f9d21.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ec15dd15d0b36925c06e9cd208be62b2bd75010d9681c067867fc429b29d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: rqICbRIWEFamsXMFg_kW4QvWWY96KbA7
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QG33HSDPZ5HZSASJ
age: 453168
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: yhtm1SybL3c0lowTHiSFTNcc2ZWjKza/zm/yMdsfCwxjRiGYMBXAiPFXl/vTmzKEKIBMe3KpULo=
last-modified: Fri, 03 Mar 2023 20:15:53 GMT
server: cloudflare
etag: W/"a73a2c40d4fc740817809c493ef138ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb96137ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 2920.12aec699.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 16 KB
6 KB 44ms
29ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2920.12aec699.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b75797cf449be117986913ab61b0fe44ab2aba98cd6fed86a319fab3fd3cd1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: DR8gakT9JplT5Vb0YlPa6H3hGjJ2y79M
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QG3648BYC86V9SVY
age: 577098
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YHyC5ixQXytTnvzUewQz1HUhS4bvk3/Gxlz5XeN4o4PkMSvHXLan2bGRD0Km0TnV37V+7aUlufA=
last-modified: Fri, 03 Mar 2023 20:15:54 GMT
server: cloudflare
etag: W/"ec3127d2065aa849be5c5019c87d822f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb94237ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 2223.8e707c7a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
2 KB 64ms
48ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2223.8e707c7a.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

019b9549d1add8514876e9aaabb20c29e90fcbca7c08eb7962168c4a1ad163c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: 5.nIgPWC7IjBL9iWFsyUn3Nw0jWGAq.2
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QG3E24RYR5ZWM0XH
age: 577097
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: OT/MPZ0nn8nMqoI4VFxI93CneHM3Fr3kyLAgUAzpkDicfGigqFkbU9kVfh8n2NFskC8Y5bk72GY=
last-modified: Fri, 03 Mar 2023 20:15:53 GMT
server: cloudflare
etag: W/"ec0d159a986229a6c6b9282fe8bcb8c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb97037ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 319.a1f55686.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 25 KB
9 KB 55ms
39ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/319.a1f55686.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c452648a5259b5db228427477a67b2605e4dea75b45024436e7899c9097f1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: T0Gog.yQricZ5V89ps21G7uure.cZdh.
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S41M6R94C8AH46T5
age: 232208
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 1JjeLiXDs9oAPJ8J8xpY6o2hqCDmbSgJq7F79ZaWJXq6GazzuF3otbxONRzrO3O/93xcRzWJr2Y=
last-modified: Thu, 23 Mar 2023 20:42:30 GMT
server: cloudflare
etag: W/"0ad58c26e41784f95621fee0748d66b0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb94e37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1911.071e9f80.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
3 KB 62ms
47ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1911.071e9f80.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7922cea637f271d76bc107e7955bbf5b89a4e757e19459c6575a4f11dc06e643

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: 44OFoAuroKS2eF.mqAvp_r6HxtXCleNU
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S41T8F37JH5VKXBV
age: 232208
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: VZPGN8mjsPhjSODktzSYbhsUQUwYJEGE4ZwEkEfpoe+ayawgrz1YvkdGQQHQEFfFtMcR0w54YPs=
last-modified: Thu, 23 Mar 2023 20:42:28 GMT
server: cloudflare
etag: W/"c015f7c82cb6a9d953126c2dc34d59c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb97937ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 8051.1e236389.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 60 KB
14 KB 46ms
31ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8051.1e236389.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1925453f0c7fcc73914d9ff411bbdc787a17639020213ab8e726c0238d6a0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: d4nqnmLPFXcZLNScSaAzpg8rAxHhDrd4
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S41VHBWXSPAEX8QD
age: 232208
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EFk8XYScZbFpRQCYnYaTbOBzmrUJcNHjd8idLTg1OfHB0Ql2ytuwSfa71DNsUWmjoyN6BoNRKhw=
last-modified: Thu, 23 Mar 2023 20:42:36 GMT
server: cloudflare
etag: W/"f4cec147bed5e89f7ca05101e4c76fef"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153ca92037ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1069.ec72bd6d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
7 KB 59ms
44ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1069.ec72bd6d.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3931bd7f23bc38d81098698e191881070610cf3fdd333eab9d4a12afa969a31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: DE4l6f4vRwaqfYGITGMVxBBtgHrJV8Nf
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1J49N18SR0RT1M1S
age: 246217
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YjONI46BsANo1PIWMrKHOIv0oZRMHZo5/pA7Dex2e2tv0cNChJ7casiD0KYYCM+Q7+phKBTJlFI=
last-modified: Tue, 21 Mar 2023 13:42:34 GMT
server: cloudflare
etag: W/"6f2c3fb4c687e2005b2f9eec541fb29e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb97f37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 3720.a32d41c5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 23 KB
4 KB 61ms
46ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3720.a32d41c5.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d90d9b25e381a5dc97ed9e96eddb5928686281984682f25e32d6d4934890b15c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: PmhnnOZcb1lTj5y2F4my9bxQ8M1F_8_i
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S41H8B4DYKG1B9KF
age: 232208
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Dm+gXpq6+vcJub/mzjwvbpQ9Xu3rb2XBul/MyH7sfB7QJrZQx1iUwqY5G0Vn+KCg6O6a7k55u9w=
last-modified: Thu, 23 Mar 2023 20:42:31 GMT
server: cloudflare
etag: W/"3bfe61db156d3e880ec5117fea66a955"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb97437ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 6255.1018cd9a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 25 KB
9 KB 76ms
61ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6255.1018cd9a.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15cc2881089acdd5534ce3ce3c3524b1c8fb0f51238e79a7d7c09ed2e300423f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: plkLsBAET9pmqjhRAShz7AIhsxndB82k
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S41S4GNQVJQXNGG4
age: 232208
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: BbCk7zGGzXAASpyGM3ImkxpD2QBCCt9qSL8L1pzKGhaVSYSFcmaN7NJV9eLVHU648/IM3HdzkFE=
last-modified: Fri, 24 Mar 2023 16:43:16 GMT
server: cloudflare
etag: W/"13adea5d8a308bbf31274106ac805231"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb98637ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 3657.c62673a4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
4 KB 62ms
48ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3657.c62673a4.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c90145729c8ac298928c43206ddc0cbf770a05280b94e58b9fe033132927c81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: cX9LI8GtvAj0yPF1fvhj_BTlub6qw2qo
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S41P32BRVJ2R4BCM
age: 232208
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: kXF2/SE2JU8utGne8yjccg/Q5WIkiJJQOfs8sR/6qZQ1BIS0NgqyzpSfBNblVDoDk+iLUFKq3kQ=
last-modified: Fri, 24 Mar 2023 16:43:12 GMT
server: cloudflare
etag: W/"6acb5d7ac0ec41dae70e94776c9f4315"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb97337ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 6974.b94d2340.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
7 KB 59ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6974.b94d2340.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

575be440fd61e4d3666cd1d027a88bca046ce1b2a4be3c49a4c192c6ebb02774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: eYutijHrL8LVAjkCWfUVcJhzYxgRQ9uS
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7337X6HRHZSFAGTH
age: 833720
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cEN6Pwm//H+ZpZGXUFF0cyV8ENDO32heNPr80CpTI4rHZNLpBRJ6Z3QdEuQB8A6qzQnlR8oytlU=
last-modified: Wed, 15 Feb 2023 17:31:49 GMT
server: cloudflare
etag: W/"d39e78b5af1cb87cfd5dc2e50150e460"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb97d37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 925.2f232a58.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 109 KB
28 KB 69ms
55ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/925.2f232a58.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aabd7237fd06f6a0911f5161f31467fbdff9bdc6270c8400fb02b0e589926290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: lL8ZZliNBwd.iRyWAZsXOxzYS4lUMBMZ
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S41KV83V1G66CN5V
age: 232208
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cePZvaXZJzKbLK6OIUFgZVCwULHb66vMRp4iDGxFaPxCAgPCPYvEeWDWgeQdjPJ+GTzDZvuvHmM=
last-modified: Fri, 24 Mar 2023 16:43:19 GMT
server: cloudflare
etag: W/"d49be2387cc04b5241ea6202fef1e358"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb98237ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 PostPage.MainContent.78621cce.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
9 KB 75ms
61ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.78621cce.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

262e375e9795bcba1e73546c02ce7ef5eb30067bce5a8a7c70e0a9e5ce5d6883

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: _wAMR4OnKxpJZ_QSFcyZqNhIiCWfLL6h
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 9FZ6A7A8X5NHBXH6
age: 312162
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: zvAgnajNfUZq/KBK18/gvYGd5/t7wEn/il1yBvOL1soYUXO2em7u99oDDpIANrFaEDRWxkg2FVVQ9y7ERdRWKQ==
last-modified: Thu, 09 Mar 2023 20:00:25 GMT
server: cloudflare
etag: W/"3de5a7ee009c58638fb1dc566052e5f3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb98537ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 2629.e288575a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
2 KB 100ms
86ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2629.e288575a.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec60da686bdb6ecb9649da974c150a9ac39b834b4340f02a25e5ea787ebdeff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: iHslecwMYIqBF1RLUZxzvDE.u3uJbg9M
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: N3X7JRN88MQ3FGTG
age: 337180
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: tUR50VqK+TlFsqjx+0CvFtDouEjw9uHav+XSBZadf/qV2WeYfvCTrpGZdH+lX+IHvA8F/Gt1Byc=
last-modified: Fri, 03 Mar 2023 20:15:54 GMT
server: cloudflare
etag: W/"ab0967f7dcf89ce4b65bf91c607ac765"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb97737ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 5627.182c65f9.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 16 KB
5 KB 69ms
55ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5627.182c65f9.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb77d553412e3911b30897a9a25388cc091cfa9fd87930852bc47dc5cd82757d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: nWZ.CdKsXxRA11Fe4lCb0PMRU_onr92w
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: N3XAA2SK967QFT63
age: 337180
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: KCjdZjtW6u4nNskXiSDAmv/N9b99UnCViri/qX8wNn7zhU5A3+gy2r/W/93DKS+10yctE7Ucsmc=
last-modified: Wed, 22 Mar 2023 20:51:45 GMT
server: cloudflare
etag: W/"3a5f2095cbb8d506fd1bd2ffecc2fe94"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb98337ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 8880.2f261ff4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
7 KB 58ms
45ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8880.2f261ff4.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffb05d842097704d80ae4cbabc01da78700a238784dced37722a07c30236840a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: arGb0sZdVytpnkE_giDg9XkXSEtUXy88
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Q13BCBXG0KJG41WD
age: 326617
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n/0rs3ohBpnBxSd+BmMtYBbYNixWyqKX0BNozEXNzlUEEOLzaQ9svKsdkmjCe39R92eRa8DKNpQ=
last-modified: Thu, 23 Mar 2023 15:47:00 GMT
server: cloudflare
etag: W/"5eb9d54977ad919fb0f4c1fb0e7c23ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb98037ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 PostPage.RightColumnContent.17084ba2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
5 KB 65ms
52ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.RightColumnContent.17084ba2.chunk.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f65625d4e5e602275192a263aa5829346dda4c0e91e269ba2804d9b78e9a961

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
x-amz-version-id: yIU9RIpoflgdUd.Tag4TTvAK3NFF750z
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1J491XV6V2NTES6Y
age: 246174
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 67HNdumiHBhXSTBDRv/UOiWa8P7IEmIs0pnQTyqQVwhVv7ko/1Sm093RRGO2UhVJYGj15940VxI=
last-modified: Tue, 21 Mar 2023 13:43:07 GMT
server: cloudflare
etag: W/"565baf357b51c3cd36949b09713d9e1d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7153cb97b37ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 vb26e4fa9e5134444860be286fd8771851679335129114 Show response
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 74ms
48ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Requested by: Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
server: cloudflare
etag: W/2023.3.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7ae7153cc8693a61-FRA

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 43ms
28ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4683836
x-envoy-upstream-service-time: 39
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7ae7153d4cdc35e6-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 19 KB
19 KB 35ms
20ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4683836
x-envoy-upstream-service-time: 51
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7ae7153d4ce035e6-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 50ms
35ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4683836
x-envoy-upstream-service-time: 30
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7ae7153d4ce235e6-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H3 200 source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 50ms
35ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4683833
x-envoy-upstream-service-time: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7ae7153d4ce435e6-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H3 200 source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 51ms
36ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4683836
x-envoy-upstream-service-time: 32
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7ae7153d4ce635e6-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H3 200 source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 7 KB
7 KB 55ms
40ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-code-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4683833
x-envoy-upstream-service-time: 583
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7ae7153d4ce835e6-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 18 KB
19 KB 55ms
41ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4683836
x-envoy-upstream-service-time: 48
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7ae7153d4cea35e6-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/ 1 KB
2 KB 31ms
22ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:64:64/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 245863
x-envoy-upstream-service-time: 43
content-disposition: inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1310
x-request-id: b019cc1c-dc12-4f57-a350-e915bc339ed4
sepia-upstream: medium
server: cloudflare
etag: "qUlGJkYhB4LINmyi_TVOvM25Dy409gGbmK5EqrHhPd0/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ae7153daad037ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1*s7SJaF9dODo7rWqa2rFQ6Q.png
miro.medium.com/v2/resize:fill:96:96/ 5 KB
5 KB 39ms
29ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:96:96/1*s7SJaF9dODo7rWqa2rFQ6Q.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4915cb0960fda9afe3b4d35b4e569e4944be7be81c2f7f30d16f88f4cbbf5eb6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 4051
x-envoy-upstream-service-time: 122
content-disposition: inline; filename="1*s7SJaF9dODo7rWqa2rFQ6Q.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5020
x-request-id: f960d3b7-7919-4012-b00b-cd837c5ee2b4
sepia-upstream: medium
server: cloudflare
etag: "2ClxYkeZkhLd4kUTfpOdRzBNwICgGzimHBVrQIKoB9U/RImIzYjQ4OTY4NWY1ZDM4M2EzYmFkNmE5YWRhYjE1MGU5Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230320-172405-c0b98726a8
accept-ranges: bytes
cf-ray: 7ae7153daad137ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1*dk6Oz-DYOQPUhODIZTIVAA.png
miro.medium.com/v2/resize:fit:720/format:webp/ 26 KB
26 KB 30ms
21ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/1*dk6Oz-DYOQPUhODIZTIVAA.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160057a9ff13f4259bd4df4bb3dd3e2bc435e49b93f8a451ec818bc7e3c5c87b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 408
x-envoy-upstream-service-time: 779
content-disposition: inline; filename="1*dk6Oz-DYOQPUhODIZTIVAA.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26134
x-request-id: 74028ce4-1c62-452e-a188-0b5ed4080040
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjc2NGU4ZWNmZTBkODM5MDNkNDg0ZTBjODY1MzIxNTAwIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230324-113241-2364650ba0
accept-ranges: bytes
cf-ray: 7ae7153daad637ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1*N_117h-kpxFLRgfzxPP6MA.png
miro.medium.com/v2/resize:fit:720/format:webp/ 42 KB
43 KB 40ms
31ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/1*N_117h-kpxFLRgfzxPP6MA.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da15a28f3982706969212484d7424b3323813a5b44176f7da9d3bdc1a542fea4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 408
x-envoy-upstream-service-time: 560
content-disposition: inline; filename="1*N_117h-kpxFLRgfzxPP6MA.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43260
x-request-id: 58b03758-daaf-4cea-a5f5-78971b090039
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjM3ZmQ3NWVlMWZhNGE3MTE0YjQ2MDdmM2M0ZjNmYTMwIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230320-172405-c0b98726a8
accept-ranges: bytes
cf-ray: 7ae7153daad237ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1*DnAEr4bTx8Ywi5jnPO9RIw.png
miro.medium.com/v2/resize:fit:720/format:webp/ 43 KB
44 KB 29ms
20ms Image
image/webp 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:720/format:webp/1*DnAEr4bTx8Ywi5jnPO9RIw.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ed67da0bdabd16ddaca960a2ea253496cf4dd3526d30867a189704b11c6a467

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 408
x-envoy-upstream-service-time: 677
content-disposition: inline; filename="1*DnAEr4bTx8Ywi5jnPO9RIw.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44400
x-request-id: 7dae0db6-7b32-4f8d-bc81-ba5806841a8b
sepia-upstream: medium
server: cloudflare
etag: "YXzh1miX4qndlYVobhq_bxorivcuaUlJ2JfvURNm1xU/RIjBlNzAwNGFmODZkM2M3YzYzMDhiOThlNzNjZWY1MTIzIg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230320-172405-c0b98726a8
accept-ranges: bytes
cf-ray: 7ae7153daad837ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

GET
H2 200 1*s7SJaF9dODo7rWqa2rFQ6Q.png
miro.medium.com/v2/resize:fill:176:176/ 13 KB
14 KB 31ms
22ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:176:176/1*s7SJaF9dODo7rWqa2rFQ6Q.png

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80a252cee9dbd81949fcda2a31ee089bba091c13482d2a2044670c42920b619

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:16 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 13960
x-envoy-upstream-service-time: 145
content-disposition: inline; filename="1*s7SJaF9dODo7rWqa2rFQ6Q.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13744
x-request-id: a36e3ca9-fae9-4869-866d-834ec4f0a3a3
sepia-upstream: medium
server: cloudflare
etag: "cYOHBppU5_IQqNc_J_FqxtylWztmHm-fdmnA7PgkwUg/RImIzYjQ4OTY4NWY1ZDM4M2EzYmFkNmE5YWRhYjE1MGU5Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230323-095621-5e670b79f5
accept-ranges: bytes
cf-ray: 7ae7153daad537ea-FRA
expires: Tue, 26 Mar 2024 10:52:16 GMT

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ 0
0 424ms
96ms Preflight 2600:1f18:24e6:b902:129b:52d8:409e:22a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:129b:52d8:409e:22a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://labs.guard.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
content-length: 0
date: Mon, 27 Mar 2023 10:52:17 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff

GET
H2 200 2230.571ed6c4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
8 KB 18ms
18ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2230.571ed6c4.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

293cb36ca1c002f569bcbce51360a20745ce87b2e515be849d83d5269d7d2174

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:17 GMT
x-amz-version-id: jyYM.ZgM9PE2gJOEnsek2uD4i4PcWdTK
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5B1CYTHMK2616DY7
age: 1062555
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Otu4Bzadtbnet2y7EcEb8o/GGiEGQboxNDtYyXCV5GM+59Q94+pwvBgKKEOrg9xRHn4Y4uwRjlE=
last-modified: Mon, 24 Oct 2022 03:04:44 GMT
server: cloudflare
etag: W/"80138a2fe8e56b8f784a37863eea34c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7154209b437ea-FRA
expires: Tue, 26 Mar 2024 10:52:17 GMT

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
229 B 165ms
164ms Fetch
application/json 2600:1f18:24e6:b902:129b:52d8:409e:22a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:129b:52d8:409e:22a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H3 200 PostGiveTipOnExternalPlatform.9d2f1bb0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 30ms
30ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostGiveTipOnExternalPlatform.9d2f1bb0.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4a0cb6328126994438b5a127dc9d3bb890323c339df243cc9f19bc3bde40bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:17 GMT
x-amz-version-id: gfVC0i9ar1hRC7yHzx0kIpM2hym2t6ri
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2A6P84E28JSP8YA7
age: 607393
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: vA9lirNj43z6QkmTpGbyFmB32LEvivucepjrDE0ZWsI6trIBiNDiFEsb6NNY/jhQK3K7powF82o=
last-modified: Fri, 03 Mar 2023 20:16:19 GMT
server: cloudflare
etag: W/"0c24ccc2ef91aca3121eafe35386f13a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae71542beff9b70-FRA
expires: Tue, 26 Mar 2024 10:52:17 GMT

POST
H3 200 graphql Show response
labs.guard.io/_/ 143 B
566 B 156ms
156ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4b695c8d1f5f0104a278f86b5627f40af5eda69a11e2935afb9cd43ffb95139

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: VisitorQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"8f-SubudxYhiDJ6Wwd/3jBSfIL70J0"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d
cf-ray: 7ae71543cd480487-FRA
x-request-received-at: 1679914337972

POST
H3 200 graphql Show response
labs.guard.io/_/ 989 B
852 B 378ms
378ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e895fe04d8b395643f30193ddbb235f7778a0e5bf38268950e4dab5b39d74f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: ClapCountQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 250
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"3dd-RhXyaJtn658kzyeKjtL3AX6Tluw"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-095531-e2d7ff5519
cf-ray: 7ae71543cd4d0487-FRA
x-request-received-at: 1679914337969

POST
H3 200 graphql Show response
labs.guard.io/_/ 478 B
749 B 182ms
182ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

798ac101e9328c4c2c94e3901198733670dfa1a1d09440e94e74b85fb3fb94c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: FloatingPostActionsQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 46
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"1de-pMeTeXRD1UJxKYXiJxqoxUtcIH8"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray: 7ae71543cd4f0487-FRA
x-request-received-at: 1679914337977

POST
H3 200 graphql Show response
labs.guard.io/_/ 210 B
580 B 179ms
179ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a704f2ec882fdbfb9406c850912fc5002ac51f344ab31d0122fe87a0e7dcd6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: NewsletterV3ViewerEdge
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 55
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"d2-rLIW/3oiRhnfOfXfhyC5ZieiJvY"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-095531-e2d7ff5519
cf-ray: 7ae71543cd510487-FRA
x-request-received-at: 1679914337968

POST
H3 200 graphql Show response
labs.guard.io/_/ 108 B
544 B 202ms
202ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: usePostPageMeterQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 71
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"6c-I3CG28DxUiEEF9QH3iLEotaTHR8"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray: 7ae71543cd520487-FRA
x-request-received-at: 1679914337978

POST
H3 200 graphql Show response
labs.guard.io/_/ 6 KB
3 KB 310ms
310ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac0a9f481658d0c59a9b23ff85188017c0bb8975036725cb094aaacdfcc1226e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: RecircSidebarQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 161
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"1845-wDEpFZjYX+5LAVziatWcfNa8CkU"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray: 7ae71543cd540487-FRA
x-request-received-at: 1679914337982

POST
H3 200 graphql Show response
labs.guard.io/_/ 27 B
419 B 154ms
154ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: ViewerQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27
x-xss-protection: 0
server: cloudflare
etag: W/"1b-zcE2qsOE110W+7rHoTa9C+cwT68"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d
cf-ray: 7ae71543cd560487-FRA
x-request-received-at: 1679914337972

POST
H3 200 graphql Show response
labs.guard.io/_/ 96 B
533 B 194ms
194ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e543b82c6cc0cfab55e6bb56334d01ec7b92f0013095c489408297e6d72c515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 55
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"60-2wSuHVA8T5+3pVs7EdFV8t0CkCk"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-095531-e2d7ff5519
cf-ray: 7ae71543cd570487-FRA
x-request-received-at: 1679914337974

POST
H3 200 graphql Show response
labs.guard.io/_/ 103 B
511 B 229ms
229ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe013aaffd40c811e5c329e429d314d95f9a2b4a40efd75e3c2ca8b27448f86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: MaybeTextToSpeechQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 105
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"67-jvhr4o5elefz0k1Jr7eD1bAd9sM"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d
cf-ray: 7ae71543dd7c0487-FRA
x-request-received-at: 1679914338044

GET
H3 200 9410.207f1d22.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 21ms
21ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9410.207f1d22.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb1ed19249c07f3ad9aa269ca1a0a5a41096960f35bddb839fbdad08767e3017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:17 GMT
x-amz-version-id: b8aj3gwm6vL2ggzrCpcbINd9fTj43ZJu
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GY2FGSRF1VA9017M
age: 885356
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xr1KXaeT3EFtZxqnwafTL5aRp0ioTXXF99Bry62UPS3Sr6GDikSBYs6K6HmagKspVdmSeQEV+8o=
last-modified: Fri, 14 Oct 2022 16:15:50 GMT
server: cloudflare
etag: W/"3597e61f2093f3a02a7f54ef5ab8a2fb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7154429739b70-FRA
expires: Tue, 26 Mar 2024 10:52:17 GMT

GET
H3 200 7749.84f2f188.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 7 KB
3 KB 22ms
21ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7749.84f2f188.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d5c1203e3eb0b39d54d649e3cb5a765a5d7f583f51d913a0e0f7aaa6cf2bc58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:17 GMT
x-amz-version-id: QEFZaWV4sZ7n4PeoZ91lI0iaXoadAvX.
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: XQZWARR1Z5NW300Y
age: 884841
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 7YleklXL1PgKhzO7GQYqzTD/iCp6MCwmi9uStF1IKWb2G9wpFCMqoppACVj2RweoAfg09hsXMps=
last-modified: Fri, 14 Oct 2022 16:15:47 GMT
server: cloudflare
etag: W/"6f6eb7ed01fd5a45ed59b9c9cf9c5967"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7154429769b70-FRA
expires: Tue, 26 Mar 2024 10:52:17 GMT

GET
H3 200 5631.3ff4ebf1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5631.3ff4ebf1.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3509c454b102f44e784622f3c20676a48a66b42cd9c674c59bf9f1c8a735f9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:17 GMT
x-amz-version-id: E0fdYBRUgj.w7TCBlHFbZcTkAAcRpROj
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2HVH4A7FQ32XF19R
age: 276113
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hLVU1aLjMwICT9ym6hW5Eg0k48RbikpIKFJeF0cP5aftajmU9HVMgW4okEeRkuX40LSvI2nKNew=
last-modified: Fri, 14 Oct 2022 16:15:43 GMT
server: cloudflare
etag: W/"29dc281a8e3a362396ae180b39093fe4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae7154429789b70-FRA
expires: Tue, 26 Mar 2024 10:52:17 GMT

GET
H3 200 1878.73a360f3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 24ms
24ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1878.73a360f3.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

265526ce77f97d404aa19bc51556dceafed4c642c3eac315a0633db316b07257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:17 GMT
x-amz-version-id: SMExzDti7TSp_JFGZ8IKCQ32MHq2SPGi
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GY2APQ0XWPXXTDN4
age: 911469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: I423zOUVPNsB5P59pZP4sgLuUxfwTE2BqFbb2QOihFvWX4Giwx2pqluRo25qDrC13OvaSp100Uc=
last-modified: Fri, 14 Oct 2022 16:15:35 GMT
server: cloudflare
etag: W/"4d19a85e9f379efaa0cc693a608cf96a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae71544297c9b70-FRA
expires: Tue, 26 Mar 2024 10:52:17 GMT

POST
H3 200 graphql Show response
labs.guard.io/_/ 81 B
496 B 142ms
142ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14630d61ff002f2fc564d00a080ba2cef7e0811be983a192549c43335b1d706e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: PostGiveTipOnExternalPlatformQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"51-hbfNDSGVO0/XLJV9LgsKsOBLP4E"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d
cf-ray: 7ae715445e140487-FRA
x-request-received-at: 1679914338045

POST
H3 204 rum Show response
labs.guard.io/cdn-cgi/ 0
139 B 12ms
12ms XHR
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/cdn-cgi/rum?

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type: application/json

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://labs.guard.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7ae71544be8e0487-FRA

POST
H3 200 /
labs.guard.io/_/clientele/reports/performance/ 0
0 135ms
135ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, clientele/main-20230323-095621-5e670b79f5
x-envoy-upstream-service-time: 10
cf-ray: 7ae71545aff40487-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 /
labs.guard.io/_/clientele/reports/performance/ 0
0 141ms
141ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, clientele/main-20230323-095621-5e670b79f5
x-envoy-upstream-service-time: 19
cf-ray: 7ae71545aff60487-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 /
labs.guard.io/_/clientele/reports/performance/ 0
0 131ms
130ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
Medium-Clientele-Client: lite
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, clientele/main-20230323-095621-5e670b79f5
x-envoy-upstream-service-time: 12
cf-ray: 7ae71545affa0487-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2827
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 27 Mar 2023 12:05:11 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 72 KB
22 KB 43ms
8ms Script
text/javascript 108.138.17.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: labs.guard.io
URL: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282?gi=a47b99d2c87f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b435ccf90393f5a5829b1a4baa617535ddd7a79ce6afc18bec910a9850a465e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: BOMt_IsAkSHOHMzi5YYRwnohx2f0fLrn
content-encoding: gzip
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
date: Mon, 27 Mar 2023 10:50:34 GMT
last-modified: Fri, 17 Mar 2023 19:04:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 104
etag: "f2903cb492844599e93b4db0a3f540c1"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 22224
x-amz-cf-id: pTB_qbEZGMllu67m7KJCMgLqj1us2hXm07-gP1oXl1OO0rRqVxY9gA==

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 28 KB
28 KB 21ms
21ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/unbound.css
Origin: https://labs.guard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 4683836
x-envoy-upstream-service-time: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7ae715474bd835e6-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 26 Mar 2024 10:52:18 GMT

GET
H3 200 1*XL5QclUh4RwVmsq8szytzg.png
miro.medium.com/v2/resize:fill:20:20/ 1 KB
2 KB 33ms
32ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:20:20/1*XL5QclUh4RwVmsq8szytzg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8724e03987435c26bcb349f0dae558b524c11210bc93fc6504723524f14d582

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 242853
x-envoy-upstream-service-time: 65
content-disposition: inline; filename="1*XL5QclUh4RwVmsq8szytzg.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1442
x-request-id: ed961be6-bfda-4291-99dc-218f15e35436
sepia-upstream: medium
server: cloudflare
etag: "otqmLAd0vwSg8JnocfiFOlzcufMbpEtiQZGBgUclANM/RIjVjYmU1MDcyNTUyMWUxMWMxNTlhY2FiY2IzM2NhZGNlIg"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230303-101917-2bba7b0c9d
accept-ranges: bytes
cf-ray: 7ae715474ec39b70-FRA
expires: Tue, 26 Mar 2024 10:52:18 GMT

GET
H3 200 1*IPZF1hcDWwpPqOz2vL7NxQ.png
miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/ 8 KB
8 KB 26ms
24ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/1*IPZF1hcDWwpPqOz2vL7NxQ.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ae9114902b2ab33b092fbb3f9082924a72fe93924969932340e9fd54d16089b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 242853
x-envoy-upstream-service-time: 147
content-disposition: inline; filename="1*IPZF1hcDWwpPqOz2vL7NxQ.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7942
x-request-id: 428d4645-9689-44a3-af57-265cbc024176
sepia-upstream: medium
server: cloudflare
etag: "CEJCrFHfG4y6nbf_epJhcTgOn_SkbQA5Li5dB0M7VUE/RIjIwZjY0NWQ2MTcwMzViMGE0ZmE4ZWNmNmJjYmVjZGM1Ig"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230303-101917-2bba7b0c9d
accept-ranges: bytes
cf-ray: 7ae715475ec99b70-FRA
expires: Tue, 26 Mar 2024 10:52:18 GMT

GET
H3 200 1*7Gx_ANpQwUSZ2UfjVyH_lA.png
miro.medium.com/v2/resize:fill:20:20/ 1 KB
2 KB 28ms
26ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:20:20/1*7Gx_ANpQwUSZ2UfjVyH_lA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2410eea0a29d1bdf77ec70bf2f53b0b77adfac2de33ca829943f758b12fdfb99

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 239879
x-envoy-upstream-service-time: 134
content-disposition: inline; filename="1*7Gx_ANpQwUSZ2UfjVyH_lA.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1314
x-request-id: c5c6ad86-72fd-4767-94cc-19781164cd75
sepia-upstream: medium
server: cloudflare
etag: "otqmLAd0vwSg8JnocfiFOlzcufMbpEtiQZGBgUclANM/RImVjNmM3ZjAwZGE1MGMxNDQ5OWQ5NDdlMzU3MjFmZjk0Ig"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ae715475ecb9b70-FRA
expires: Tue, 26 Mar 2024 10:52:18 GMT

GET
H3 200 0*Cu5IUVl2_TptGg46
miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/ 2 KB
2 KB 30ms
28ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/0*Cu5IUVl2_TptGg46

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7e8addc36fcc7ebabf0199ec910423b7044b25895211d993fb550956c76e9cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'
cf-cache-status: HIT
age: 27519
x-envoy-upstream-service-time: 284
content-disposition: inline; filename="0*Cu5IUVl2_TptGg46.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1854
x-request-id: 1dab6c49-dd2b-4fca-b32f-f8d2fc0dab7c
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "CEJCrFHfG4y6nbf_epJhcTgOn_SkbQA5Li5dB0M7VUE/RIjAwNmJkNzM2NjE5NzFiYTllMDljZDZkMTlhMmFlOTg1LTMi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230308-234401-14525b721d
accept-ranges: bytes
cf-ray: 7ae715475ecc9b70-FRA
expires: Tue, 26 Mar 2024 10:52:18 GMT

GET
H3 200 1*Wox5_BLPmTjbUu6ezWCkeQ.jpeg
miro.medium.com/v2/resize:fill:20:20/ 631 B
1 KB 31ms
29ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:20:20/1*Wox5_BLPmTjbUu6ezWCkeQ.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81f57e6fb25434f5eda588bdddaae55d343b285a28e4df5fdc5eed5646cdc5aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'
cf-cache-status: HIT
age: 229411
x-envoy-upstream-service-time: 140
content-disposition: inline; filename="1*Wox5_BLPmTjbUu6ezWCkeQ.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
x-request-id: 638527fa-136b-4450-b83f-57e995e5e0a6
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "otqmLAd0vwSg8JnocfiFOlzcufMbpEtiQZGBgUclANM/RIjVhOGM3OWZjMTJjZjk5MzhkYjUyZWU5ZWNkNjBhNDc5Ig"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230303-101917-2bba7b0c9d
accept-ranges: bytes
cf-ray: 7ae715475ecf9b70-FRA
expires: Tue, 26 Mar 2024 10:52:18 GMT

GET
H3 200 1*JS87GNJBlEXFq0ouMKzcIg.png
miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/ 2 KB
3 KB 37ms
36ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/1*JS87GNJBlEXFq0ouMKzcIg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10f6863941a69dacb051d913b6a6483a06d5fde434a689d9a0402d7d2abecc65

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 2097
x-envoy-upstream-service-time: 56
content-disposition: inline; filename="1*JS87GNJBlEXFq0ouMKzcIg.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2129
x-request-id: 924871fe-4f1f-4933-92c4-404575db5955
sepia-upstream: medium
server: cloudflare
etag: "CEJCrFHfG4y6nbf_epJhcTgOn_SkbQA5Li5dB0M7VUE/RIjI1MmYzYjE4ZDI0MTk0NDVjNWFiNGEyZTMwYWNkYzIyIg"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230308-234401-14525b721d
accept-ranges: bytes
cf-ray: 7ae715475ed29b70-FRA
expires: Tue, 26 Mar 2024 10:52:18 GMT

GET
H3 200 2*3vJU4sgGd_CmFQFl4wH6-Q.jpeg
miro.medium.com/v2/resize:fill:20:20/ 976 B
1 KB 21ms
20ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:20:20/2*3vJU4sgGd_CmFQFl4wH6-Q.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77bf5c7f91ff6aa8149d4793569cd79cfce03791cfe8632a2a88bc086b4d992

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'
cf-cache-status: HIT
age: 257823
x-envoy-upstream-service-time: 101
content-disposition: inline; filename="2*3vJU4sgGd_CmFQFl4wH6-Q.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 976
x-request-id: 3f566f91-5462-4303-9162-3aa54298ce25
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "otqmLAd0vwSg8JnocfiFOlzcufMbpEtiQZGBgUclANM/RIjJlNDI3Y2JjOTA5ODc3ODVhNzVmYjdlMWY4MDk0YzRiIg"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230308-234401-14525b721d
accept-ranges: bytes
cf-ray: 7ae715475ed39b70-FRA
expires: Tue, 26 Mar 2024 10:52:18 GMT

GET
H3 200 1*0fHUKyg3xtpNWpop35PR4g.png
miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/ 1 KB
2 KB 51ms
50ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:56:56/g:fp:0.5:0.5/1*0fHUKyg3xtpNWpop35PR4g.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a4fbe5c62f180ce9fd4679f55b696f7b6fbcd116bfd6c21a9de36b54266ccb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
content-security-policy: script-src 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 178048
x-envoy-upstream-service-time: 105
content-disposition: inline; filename="1*0fHUKyg3xtpNWpop35PR4g.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1205
x-request-id: 40c2518f-aa6d-4834-afdb-0f4e44339bb6
sepia-upstream: medium
server: cloudflare
etag: "CEJCrFHfG4y6nbf_epJhcTgOn_SkbQA5Li5dB0M7VUE/RImQxZjFkNDJiMjgzN2M2ZGE0ZDVhOWEyOWRmOTNkMWUyIg"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230324-113241-2364650ba0
accept-ranges: bytes
cf-ray: 7ae715475ed49b70-FRA
expires: Tue, 26 Mar 2024 10:52:18 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2040363845&t=pageview&_s=1&dl=https%3A%2F%2Flabs.guard.io%2Ffakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282&ul=en-us&de=UTF-8&dt=%E2%80%9CFakeGPT%E2%80%9D%3A%20New%20Variant%20of%20Fake-ChatGPT%20Chrome%20Extension%20Stealing%20Facebook%20Ad%20Accounts%20with%20Thousands%20of%20Daily%20Installs%20%7C%20by%20Guardio%20%7C%20Mar%2C%202023%20%7C%20Medium&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=405724737&gjid=1568591481&cid=293863824.1679914338&tid=UA-24232453-2&_gid=1260397168.1679914338&_r=1&_slc=1&z=2008902830

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 10:52:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://labs.guard.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _r Show response
app.link/ 91 B
594 B 197ms
161ms Script
text/javascript 2600:9000:2057:f400:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.72.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:f400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

78319da9bdcfdcead7c5784d6d5a97c837df7b561edd30f6096eb7a92c17b9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
etag: W/"5b-apg9a/eCdybmVR60JXgZSmkS4/k"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: hQQPY33jxQaNvwSl54ofE00FIOKa-Gvvsmvfk_NcsTD3VrF4HoVqrQ==

GET
H3 200 4375.74282e94.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 28 KB
9 KB 20ms
20ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4375.74282e94.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fadd67e1ecf12bdd2fa18d6192d411068afd3f3cb4fd93d9a8a528070dd000d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
x-amz-version-id: owR.hxU0rBJTXzzupVwm1VjruWjwgtcc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AYC83W2QB7WGCK84
age: 298134
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MQMo2SIiiSMUw6SsfMnkzmw6Rb80mzLACsyjLdD8F2ALk5qheUMhPREQDeYjB6SdfG5JQpjH3+U=
last-modified: Thu, 09 Mar 2023 23:38:51 GMT
server: cloudflare
etag: W/"3420452988d3d29e1f104bba04a2b232"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae71548b9019b70-FRA
expires: Tue, 26 Mar 2024 10:52:18 GMT

GET
H3 200 PostNextFiveStories.717a022a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 23ms
22ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostNextFiveStories.717a022a.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.476fcf85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a1272ec4f1f3ab3e74bfe2a19dfe25699eac24a353376e10066aed4398a0acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
x-amz-version-id: OxlCq20Y1rLOfo1Wua.C2QAwvvEwwAIW
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GVFNERDHKA8XSC1P
age: 322354
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: TBcw/GAwoej/TN02NBv/unNx/lOQwcpe0RLOyC2JVZi/50aU+YaUhpusnNboLyJijlnRwDKGciE=
last-modified: Wed, 08 Mar 2023 22:09:08 GMT
server: cloudflare
etag: W/"35bd16f834c86aa992fb2c790b524670"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ae71548b9049b70-FRA
expires: Tue, 26 Mar 2024 10:52:18 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
692 B 203ms
162ms XHR
application/json 2600:9000:2491:dc00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:dc00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

493be524a68fbd0cbe74ab9dcab6eac7cc36641c1b394fb3a013985c4d602114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 5dfe2ac1-11f4-4db6-bd0d-4536d07c549f-2023032710
content-length: 316
x-amz-cf-id: qzbCldOzgJh-JTZfHm09dUGyfyQNVW0oUTf9e_gqE-N7o-F11wE59A==

POST
H3 200 graphql Show response
labs.guard.io/_/ 22 KB
4 KB 286ms
286ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b3065ac1ce9da0df269379e7466e1f8678d240661090395e1dd163bab59726f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

apollographql-client-name: lite
medium-frontend-route: post
ot-tracer-sampled: true
accept-language: de-DE,de;q=0.9
ot-tracer-traceid: 3042664be9504424
medium-frontend-path: /fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
graphql-operation: PostNextFiveStoriesQuery
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
medium-frontend-app: lite/main-20230327-071906-014b73d21d
apollographql-client-version: main-20230327-071906-014b73d21d
ot-tracer-spanid: 54b51e332520b56c

Response headers

date: Mon, 27 Mar 2023 10:52:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-envoy-upstream-service-time: 134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
etag: W/"5698-w1n+On0D/YzE573PQggaFTcQtH8"
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4, rito/main-20230327-071906-014b73d21d, tutu/main-20230327-074114-8b0957d508
cf-ray: 7ae715493d2d0487-FRA
x-request-received-at: 1679914338849

POST
H2 200 profile Show response
api2.branch.io/v1/ 183 B
614 B 170ms
170ms XHR
application/json 2600:9000:2491:dc00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:dc00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

dacb564b84b555eadcd42605b04b29c664ee6433fd62eba870e700e58bc4e5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Mar 2023 10:52:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"b7-hG7Dy3mBCiZAgmgNIGTlVkv5OQw"
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: d3ab6f98491741f39739ed943f218c45-2023032710
content-length: 183
x-amz-cf-id: bM_U9puTROEhai2C9s7vaYK2TwVFqq0zuA5DCsGmjPBEKJsmW2YBGw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
434 B 323ms
323ms XHR
application/json 2600:9000:2491:dc00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:dc00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Mar 2023 10:52:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: f0b614d0448f45c0b1c156451fccb057-2023032710
content-length: 28
x-amz-cf-id: 08elS4bqHVCoLpqc2QoOEGXvEZcgHaJq2IUsvdpnu5Z2MBWt_5i7Rw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
434 B 177ms
177ms XHR
application/json 2600:9000:2491:dc00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/105.9e1f764a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:dc00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Mar 2023 10:52:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 6c0af0afa7424e1badb9396dc89a8480-2023032710
content-length: 28
x-amz-cf-id: g0LzGCG0F77Bgq8xlXYP0dtGDw4v6Nzgo6XO0smBdyOSeHMNsEA92Q==

POST
H3 200 batch Show response
labs.guard.io/_/ 17 B
296 B 285ms
284ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.guard.io/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.5b51cc7a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
x-xsrf-token: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type: application/json

Response headers

date: Mon, 27 Mar 2023 10:52:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
worker-missing-cookies: 0
vary: Accept-Encoding
content-type: application/json
medium-fulfilled-by: edgy/8.3.0, valencia/main-20230324-163351-2539dc1cc4
x-envoy-upstream-service-time: 153
cf-ray: 7ae7156149b80487-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.labs.guard.io/	1969-12-31 23:59:59	Name: __cfruid Value: 723365affd83b6a67732598792891601c3a84133-1679914335
.medium.com/	1970-01-20 19:25:36	Name: uid Value: lo_82b14224d996
.medium.com/	1970-01-20 19:25:36	Name: sid Value: 1:S9a/TIcsDucL4HkJcpepwsQkEiQ0SS9eLqXXtyM8rzJnKMt9ADK00fqJLDykJ1Ah
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: 11f54436e6acce6efef205c89169c7f39cf01423-1679914336
labs.guard.io/	1970-01-20 19:25:36	Name: uid Value: lo_82b14224d996
labs.guard.io/	1970-01-20 19:25:36	Name: sid Value: 1:eZKWhDL/ceBaFZCenNOuOnHV5UguneoMEt7Pu6kVVCfzoEqu9FLmch3PpaVkfxlO
labs.guard.io/	1970-01-20 10:38:35	Name: _dd_s Value: rum=0&expire=1679915237616
.guard.io/	1970-01-20 20:14:34	Name: _ga Value: GA1.2.293863824.1679914338
.guard.io/	1970-01-20 10:40:00	Name: _gid Value: GA1.2.1260397168.1679914338
.guard.io/	1970-01-20 10:38:34	Name: _gat Value: 1
.app.link/	1970-01-20 19:24:10	Name: _s Value: g8IxwJwRPS7LPNDyAzn30%2Ffbiam0q941BpK8TobdjnO8ux8A%2BEcG6g%2FV5vNvBFsU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
labs.guard.io
medium.com
miro.medium.com
static.cloudflareinsights.com
www.google-analytics.com
108.138.17.80
162.159.153.4
2600:1f18:24e6:b902:129b:52d8:409e:22a7
2600:9000:2057:f400:19:9934:6a80:93a1
2600:9000:2491:dc00:11:f728:3040:93a1
2606:4700:7::a29f:9904
2606:4700::6810:3965
2a00:1450:4001:82a::200e
0134174dae124a376b9eda4f9991d1719140f1dd5743f7039ecee84a9a1293d4
019b9549d1add8514876e9aaabb20c29e90fcbca7c08eb7962168c4a1ad163c1
02e9e1939e214dfa38c8eab94afca48043e7f00c46e95908662548a7d19819e1
03339318237f203c39972793a5232b2c94f3ea7a2c814641ae62660d8dd6e02b
0573eb7e1b3f0dbaad578ead6eb03bfbd6280ae5d9a2827ad95b260717410939
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
0d19349e1a7fc17631e75d4434c94ded800f5bcb8cf8e019abe59369b9e574e0
0daa86ae7a8d02fd70a8eed0aef1ab1fd2f012a85ec387c0887a7d943ef6f262
0e0fd5124a43543afad915b027f29bb84fddb17255673cbaaa1f9da33f049ae8
109305b83312289d5b5026f82598c22c14fc16fa6c973ddbe8e049b59b27ae98
10f6863941a69dacb051d913b6a6483a06d5fde434a689d9a0402d7d2abecc65
14630d61ff002f2fc564d00a080ba2cef7e0811be983a192549c43335b1d706e
15cc2881089acdd5534ce3ce3c3524b1c8fb0f51238e79a7d7c09ed2e300423f
160057a9ff13f4259bd4df4bb3dd3e2bc435e49b93f8a451ec818bc7e3c5c87b
1759305834cedeed5848075000d38fa180ea9461d26b6c2f7d1fe0dc41c37b87
17b661a486215879018ecdf2463102d385f2c4fb74558fd15582e9f4844523d3
1ae9114902b2ab33b092fbb3f9082924a72fe93924969932340e9fd54d16089b
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e543b82c6cc0cfab55e6bb56334d01ec7b92f0013095c489408297e6d72c515
20a4fbe5c62f180ce9fd4679f55b696f7b6fbcd116bfd6c21a9de36b54266ccb
2410eea0a29d1bdf77ec70bf2f53b0b77adfac2de33ca829943f758b12fdfb99
262e375e9795bcba1e73546c02ce7ef5eb30067bce5a8a7c70e0a9e5ce5d6883
265526ce77f97d404aa19bc51556dceafed4c642c3eac315a0633db316b07257
2911927df6c0a93829e78411112c7814bc7b90ecb78c3656c43d501ce89a0a65
293cb36ca1c002f569bcbce51360a20745ce87b2e515be849d83d5269d7d2174
2f65625d4e5e602275192a263aa5829346dda4c0e91e269ba2804d9b78e9a961
32579933fa7409a851f4fed587cb4a19111bf097eb787ba275666500c1dc1596
3509c454b102f44e784622f3c20676a48a66b42cd9c674c59bf9f1c8a735f9a3
3931bd7f23bc38d81098698e191881070610cf3fdd333eab9d4a12afa969a31a
3fadd67e1ecf12bdd2fa18d6192d411068afd3f3cb4fd93d9a8a528070dd000d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457c73fda826dc12d4ee8d563ddfbdb3971411032e4d661bd19a4420e6a8bcfb
4915cb0960fda9afe3b4d35b4e569e4944be7be81c2f7f30d16f88f4cbbf5eb6
493be524a68fbd0cbe74ab9dcab6eac7cc36641c1b394fb3a013985c4d602114
4a7798b932189586c10476725680d487c508de89bd1824df1b58d78e84af8430
4a96cae42b1009fa744e6e9d4149f69da1ad14892d80a57ca04f6b0e3f1d9e46
50a979f6e8a062abeacd9791b81cbedbe908659d6bc12d73f1102167bfc41937
5672352c6067919339803100571f773db22963c9a71b4a3e075f973655169dac
575be440fd61e4d3666cd1d027a88bca046ce1b2a4be3c49a4c192c6ebb02774
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a9538496fc598aef8185ce64a1416f66dbb480363eacd5466477f888985c161
6173a1b363b6bffdf4ec8d533f260644b17cc6f8a747f2d4f529795a3cdf0c04
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
6b435ccf90393f5a5829b1a4baa617535ddd7a79ce6afc18bec910a9850a465e
6c452648a5259b5db228427477a67b2605e4dea75b45024436e7899c9097f1fa
6d5c1203e3eb0b39d54d649e3cb5a765a5d7f583f51d913a0e0f7aaa6cf2bc58
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
78319da9bdcfdcead7c5784d6d5a97c837df7b561edd30f6096eb7a92c17b9ce
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
79055c5ced00aaa34cd82639689ff5e0a82479a77deaf5647bd5239839c6d7f4
7922cea637f271d76bc107e7955bbf5b89a4e757e19459c6575a4f11dc06e643
798ac101e9328c4c2c94e3901198733670dfa1a1d09440e94e74b85fb3fb94c9
7ed67da0bdabd16ddaca960a2ea253496cf4dd3526d30867a189704b11c6a467
81f57e6fb25434f5eda588bdddaae55d343b285a28e4df5fdc5eed5646cdc5aa
8b3065ac1ce9da0df269379e7466e1f8678d240661090395e1dd163bab59726f
8b75797cf449be117986913ab61b0fe44ab2aba98cd6fed86a319fab3fd3cd1e
8c4e5c4fd526522c11301d87d90cd21092dbef86faeb8bc73c2b53331cefdf8a
8c90145729c8ac298928c43206ddc0cbf770a05280b94e58b9fe033132927c81
93ec15dd15d0b36925c06e9cd208be62b2bd75010d9681c067867fc429b29d9f
987b520121ba6601b336c4173fd71afba7c979fec402177956f0b6f251e63a42
9a1272ec4f1f3ab3e74bfe2a19dfe25699eac24a353376e10066aed4398a0acc
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542
a704f2ec882fdbfb9406c850912fc5002ac51f344ab31d0122fe87a0e7dcd6da
a7b32f55e453df9dafb38e1526d6df303dad3082f9c3af5d02e051d43cc3fb88
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
aabd7237fd06f6a0911f5161f31467fbdff9bdc6270c8400fb02b0e589926290
ac0a9f481658d0c59a9b23ff85188017c0bb8975036725cb094aaacdfcc1226e
ae4a152dbc443cb2190ebe669b3604fa97bae75f8012b0364ffb2ff2d4def713
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b6c7af4cf38f7cf7c3f086b94b3c188b80a3cd014d34b6d090cea7ab1bb83013
b7a186a71840944885d3c455f4e3c5b73fcc575b75fcd91f4e111ea512e75b8f
bb1ed19249c07f3ad9aa269ca1a0a5a41096960f35bddb839fbdad08767e3017
be18a208d4e5e0c3f3343588333535ac1efad32afa983e2ce0d6c42a80fff5d3
c4a0cb6328126994438b5a127dc9d3bb890323c339df243cc9f19bc3bde40bfa
ca2b6c294049540bb3cf90a4425ee46c65a114fba4d1a91b0c76b644b95e4d2f
d1925453f0c7fcc73914d9ff411bbdc787a17639020213ab8e726c0238d6a0ec
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
d77bf5c7f91ff6aa8149d4793569cd79cfce03791cfe8632a2a88bc086b4d992
d7e8addc36fcc7ebabf0199ec910423b7044b25895211d993fb550956c76e9cc
d90d9b25e381a5dc97ed9e96eddb5928686281984682f25e32d6d4934890b15c
da15a28f3982706969212484d7424b3323813a5b44176f7da9d3bdc1a542fea4
dacb564b84b555eadcd42605b04b29c664ee6433fd62eba870e700e58bc4e5b1
de16b6ad8b62c74f785db80c6cda1da7b480899643c69e482b9c9ca62120aeaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53ebfbcc9c25748543c93340d2eb361c3fae51ae63261e01e54758703593afc
e80a252cee9dbd81949fcda2a31ee089bba091c13482d2a2044670c42920b619
e8724e03987435c26bcb349f0dae558b524c11210bc93fc6504723524f14d582
e895fe04d8b395643f30193ddbb235f7778a0e5bf38268950e4dab5b39d74f0b
e908bc0bd99283dd6f61e60a919c277a92763001d3c2d22f2253e4f902b09688
ec60da686bdb6ecb9649da974c150a9ac39b834b4340f02a25e5ea787ebdeff3
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f4b695c8d1f5f0104a278f86b5627f40af5eda69a11e2935afb9cd43ffb95139
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
fb77d553412e3911b30897a9a25388cc091cfa9fd87930852bc47dc5cd82757d
fe013aaffd40c811e5c329e429d314d95f9a2b4a40efd75e3c2ca8b27448f86d
ffb05d842097704d80ae4cbabc01da78700a238784dced37722a07c30236840a

labs.guard.io Open in urlscan Pro 162.159.153.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

100 %HTTPS

75 %IPv6

7 Domains

11 Subdomains

8 IPs

3 Countries

1121 kBTransfer

3254 kBSize

11 Cookies

63 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

labs.guard.io Open in urlscan Pro
162.159.153.4 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

1121 kB
Transfer

3254 kB
Size

11
Cookies

104 HTTP transactions
0 data transactions