gbhackers-com.cdn.ampproject.org Open in urlscan Pro
2a00:1450:4001:809::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Submission: On August 10 via api (August 10th 2022, 1:05:24 am UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 13 domains to perform 54 HTTP transactions. The main IP is 2a00:1450:4001:809::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is gbhackers-com.cdn.ampproject.org.
TLS certificate: Issued by GTS CA 1C3 on July 18th 2022. Valid for: 3 months.

This is the only time gbhackers-com.cdn.ampproject.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2011	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f00... 2a03:2880:f007:1:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
54	17

24 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gbhackers-com.cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2-wp-com.cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5-googleusercontent-com.cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4-googleusercontent-com.cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d-22344007212599137565.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3p.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f007:1:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4001:800::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ampproject.org gbhackers-com.cdn.ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 374 i2-wp-com.cdn.ampproject.org — Cisco Umbrella Rank: 275127 lh5-googleusercontent-com.cdn.ampproject.org — Cisco Umbrella Rank: 620710 lh4-googleusercontent-com.cdn.ampproject.org — Cisco Umbrella Rank: 714340	608 KB
5	googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 124	22 KB
5	ampproject.net d-22344007212599137565.ampproject.net 3p.ampproject.net — Cisco Umbrella Rank: 5433	16 KB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	45 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118	27 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	88 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	3 KB
2	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 1104
1	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 52	486 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	850 B
1	facebook.com web.facebook.com — Cisco Umbrella Rank: 239	3 KB
1	google.com adservice.google.com — Cisco Umbrella Rank: 98	587 B
1	wp.com pixel.wp.com — Cisco Umbrella Rank: 2171	126 B
54	13

	Domain	Requested by
17	cdn.ampproject.org	gbhackers-com.cdn.ampproject.org cdn.ampproject.org
4	tpc.googlesyndication.com
3	csi.gstatic.com
3	googleads.g.doubleclick.net	cdn.ampproject.org
3	d-22344007212599137565.ampproject.net	cdn.ampproject.org
3	connect.facebook.net	cdn.ampproject.org 3p.ampproject.net connect.facebook.net
3	fonts.googleapis.com	gbhackers-com.cdn.ampproject.org cdn.ampproject.org srcdoc
3	gbhackers-com.cdn.ampproject.org	gbhackers-com.cdn.ampproject.org
2	3p.ampproject.net	cdn.ampproject.org d-22344007212599137565.ampproject.net
2	lh5-googleusercontent-com.cdn.ampproject.org	gbhackers-com.cdn.ampproject.org
2	csp.withgoogle.com	gbhackers-com.cdn.ampproject.org
1	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	stats.g.doubleclick.net
1	www.google-analytics.com	1 redirects
1	www.googletagmanager.com	cdn.ampproject.org
1	web.facebook.com	connect.facebook.net
1	adservice.google.com	cdn.ampproject.org
1	pixel.wp.com	gbhackers-com.cdn.ampproject.org
1	lh4-googleusercontent-com.cdn.ampproject.org	gbhackers-com.cdn.ampproject.org
1	i2-wp-com.cdn.ampproject.org	gbhackers-com.cdn.ampproject.org
54	21

This site contains links to these domains. Also see Links.

Domain
gbhackers.com
kalilinuxtutorials.com
ethicalhackersacademy.com
en.wikipedia.org
blog.cyble.com
www.linkedin.com
twitter.com
www.facebook.com
api.whatsapp.com
line.me

Subject Issuer	Validity	Valid
misc-sni.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-19` - `2022-08-17`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Frame ID: 022F9454828032AB355ED188B4C975DE
Requests: 53 HTTP requests in this frame

Frame: https://d-22344007212599137565.ampproject.net/2207221643000/frame.html
Frame ID: 018062A94FD59E878C6EFE5A1BAA38DD
Requests: 4 HTTP requests in this frame

Frame: https://web.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17beb36f17aa3%26domain%3Dd-22344007212599137565.ampproject.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fd-22344007212599137565.ampproject.net%252Ff32ef1300eac328%26relation%3Dparent.parent&color_scheme=light&container_width=90&href=https%3A%2F%2Fgbhackers.com%2Fstegomalware-surge-attackers-using-file-video-image-others-to-hide-malware%2F&layout=button_count&locale=en_US&ref=&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 8615B6C5D4E9E3DBB1E6D610E6509854
Requests: 1 HTTP requests in this frame

Frame: https://csp.withgoogle.com/csp/amp
Frame ID: 2FFCF5CDF632F6B4009B8A960E33E674
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Stegomalware Surge - Attackers Using File, Video, Image To Hide Malware

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

54
Requests

98 %
HTTPS

94 %
IPv6

13
Domains

21
Subdomains

17
IPs

5
Countries

813 kB
Transfer

1802 kB
Size

1
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://gbhackers.com/amp/
Title: GBHackers On Security

Search URL Search Domain Scan URL

URL: http://gbhackers.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/hacks/
Title: Hacks

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/data-breach/
Title: Data Breach

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/pci-dss-breach/
Title: PCI DSS Breach

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/crypto-attacks/
Title: Cryptocurrency hack

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/mobile-attacks/
Title: Mobile Attacks

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/password-cracking/
Title: Password Cracking

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/threatsattacks/
Title: THREATS

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/ddos/
Title: DDOS

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/malware/
Title: Malware

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/phish/
Title: Phishing

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/ransome/
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/torjan/
Title: Torjan Horses/worms

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/virus/
Title: Viruses

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/hacks/cvevulnerability/
Title: CVE/vulnerability

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/pentesting/
Title: PENTEST

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/webapp/
Title: Webapp Pentesting

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/webapplication/
Title: OWASP – Top 10

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/network-penetration/
Title: Network Pentesting

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/android/
Title: Android Pentesting

Search URL Search Domain Scan URL

URL: https://gbhackers.com/kalitutorials/
Title: KALI

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/soc/
Title: SOC

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/siem/
Title: SIEM

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/architecture/
Title: SOC Architecture

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/resources/
Title: SOC Resources

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/infosec/
Title: Infosec

Search URL Search Domain Scan URL

URL: https://kalilinuxtutorials.com/
Title: TOOLS

Search URL Search Domain Scan URL

URL: https://gbhackers.com/hacking-course/
Title: Courses

Search URL Search Domain Scan URL

URL: https://ethicalhackersacademy.com/
Title: Courses

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Steganography
Title: Steganography

Search URL Search Domain Scan URL

URL: https://blog.cyble.com/2022/08/04/stegomalware-identifying-possible-attack-vectors/
Title: reports

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gbhackers/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/gbhackers_news
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gbhackersadmin
Title: Facebook

Search URL Search Domain Scan URL

URL: https://gbhackers.com/masscan-worlds-fastest-scanner/amp/
Title: Masscan - World's Fastest Scanner - Scan the Entire Internet in Under 6 Minutes »

Search URL Search Domain Scan URL

URL: https://gbhackers.com/hackers-exploiting-high-severity-zimbra-flaw-to-steal-email-account-credentials/amp/
Title: « Hackers Exploiting High-Severity Zimbra Flaw to Steal Email Account Credentials

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/malware/amp/
Title: Malware

Search URL Search Domain Scan URL

URL: https://gbhackers.com/tag/malware/
Title: Malware

Search URL Search Domain Scan URL

URL: https://twitter.com/balaji_gbh

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/

Search URL Search Domain Scan URL

URL: http://line.me/R/msg/text/?https://gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/

Search URL Search Domain Scan URL

URL: https://gbhackers.com/apt-hackers-target-govt-defense/amp/

Search URL Search Domain Scan URL

URL: https://gbhackers.com/malware-compromised-youtube-accounts/amp/

Search URL Search Domain Scan URL

URL: https://gbhackers.com/woody-rat-office-documents/amp/

Search URL Search Domain Scan URL

URL: https://gbhackers.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://gbhackers.com/category/technology/
Title: TECH NEWS

Search URL Search Domain Scan URL

URL: https://gbhackers.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://gbhackers.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://gbhackers.com/about-us/
Title: About Us

Search URL Search Domain Scan URL

URL: https://gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/
Title: View Non-AMP Version

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&true&_s=1&dt=Stegomalware%20Surge%20-%20Attackers%20Using%20File%2C%20Video%2C%20Image%20To%20Hide%20Malware&sr=1600x1200&cid=aefK59Kw6tbOSYrxOf54XIH-itWWHHqlTMunnQxa1oe9YAGfW9oPbww3vfmwpOHA&tid=UA-88811382-1&dl=https%3A%2F%2Fgbhackers.com%2Fstegomalware-surge-attackers-using-file-video-image-others-to-hide-malware%2Famp%2F&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.5075154859079081&gjid=0.9082304531412009&_r=1&a=1375&z=0.3252846273402128&gtm=2pu000 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88811382-1&cid=aefK59Kw6tbOSYrxOf54XIH-itWWHHqlTMunnQxa1oe9YAGfW9oPbww3vfmwpOHA&jid=0.5075154859079081&_v=a1&z=0.3252846273402128

54 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/ 101 KB
22 KB 212ms
116ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aae85d0c22a34dee9e71b7d0a2215632a10f5704a02c8a3df2ea86dace34443

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src 'sha256-0EzT5rjCdQIs7Zb99eHUlAOmKUanRXRrJoqJ+VYepto=' 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-UXYprBCAtnqoL5acf14iemip/+HI+gDFh92yyXkM3XI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' 'sha256-i9nAf5M9USb+lB7ZtayKdAWymLU1MCklCTdsyXbMgCs=' 'sha256-wjUSvXYNfPUUTPZYrn4pOEcf2ecDdjd3N9Av3GDSwZw=' 'sha256-yAAlWuem9ue55JEvxkWhcWWA1Zu0p6cgbYtDWJjsdvs=' blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://gbhackers.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=60
content-encoding: br
content-length: 20340
content-security-policy: default-src * blob: data:; script-src 'sha256-0EzT5rjCdQIs7Zb99eHUlAOmKUanRXRrJoqJ+VYepto=' 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-UXYprBCAtnqoL5acf14iemip/+HI+gDFh92yyXkM3XI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' 'sha256-i9nAf5M9USb+lB7ZtayKdAWymLU1MCklCTdsyXbMgCs=' 'sha256-wjUSvXYNfPUUTPZYrn4pOEcf2ecDdjd3N9Av3GDSwZw=' 'sha256-yAAlWuem9ue55JEvxkWhcWWA1Zu0p6cgbYtDWJjsdvs=' blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
date: Wed, 10 Aug 2022 01:05:19 GMT
expires: Wed, 10 Aug 2022 01:05:19 GMT
last-modified: Wed, 10 Aug 2022 01:01:08 GMT
link: <https://cdn.ampproject.org/rtv/012207221643000/v0.mjs>; rel=preload; as=script; crossorigin=anonymous
nel: {"report_to":"nel","max_age":604800,"success_fraction":0.05}
report-to: {"group":"nel","max_age":604800,"endpoints":[{"url":"https://beacons.gcp.gvt2.com/nel/upload-nel"},{"url":"https://beacons.gvt2.com/nel/upload-nel"}]} {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
server: sffe
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-page-speed: 0.9.10.99-9999
x-xss-protection: 0

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ 221 KB
63 KB 48ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d44b7120bc89ff5888e1f79a988bd09e88288c9c9973fcd10588d0b44475e87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62971
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3aeaf843fc7e0aa1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:13 GMT

GET
H2 200 amp-ad-network-adsense-impl-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 187 KB
51 KB 66ms
28ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-network-adsense-impl-0.1.mjs

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7122d2ea6721b21f14ab27a9d871aed66b8d6312b910aa2fbbfc6a24dc6b2d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51888
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c4b603284b612606"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:16 GMT

GET
H2 200 amp-ad-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 74 KB
21 KB 47ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-0.1.mjs

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

298bc0963a884e7ebdff91f81d2cec25e143c174fd5063f6a3b9c12f2b0163eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21026
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f13b54cda3d12417"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:13 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 94 KB
28 KB 54ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 72 KB
16 KB 61ms
29ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-animation-0.1.mjs

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

924aace23e54fcf154a07509debd7336088b7546df4f6566062f477b6ed500a4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118031
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16646
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "662bf586d06a4736"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:08 GMT

GET
H2 200 amp-facebook-like-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 14 KB
5 KB 57ms
26ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-facebook-like-0.1.mjs

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6de68f8dda81ad747b06d66baae8eada6e508639dbeed71b03a2cdc4802e36a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5444
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:02:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0bd7225a31ab04b9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:02:28 GMT

GET
H2 200 amp-position-observer-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 8 KB
3 KB 58ms
27ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-position-observer-0.1.mjs

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf367c5c86ea251f94b495b3714e2f4235cb0ac4da70cf243db0b73efa036a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3096
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d588f5e424cec1ce"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:16 GMT

GET
H2 200 amp-sidebar-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 25 KB
8 KB 63ms
31ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-sidebar-0.1.mjs

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13857df7ad8533fe15de0eed09d39c2888440ba6a604cc7b459b4c73318a37df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8246
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "05bf19388a3f2a28"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:15 GMT

GET
H2 200 amp-social-share-latest.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 12 KB
4 KB 55ms
24ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-social-share-latest.mjs

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194ec37f605bf83fe6c3e880654b45503ca4db10b66dc21631739e377b0062a4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4303
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e44618109ac7e19c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:13 GMT

GET
H2 200 amp-user-notification-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 8 KB
3 KB 63ms
32ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-user-notification-0.1.mjs

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b75dbe84c83dfc89fe8cca5654fc5983990fb9ed415de691e452df028b4c57

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3032
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a896b1816905bb84"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400italic,700,700italic&display=optional

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a957e731dc9a2f6aa5439070945adb1b92e70ea8273d7bbc474a5137b1b16594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 00:45:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 10 Aug 2022 01:05:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Aug 2022 01:05:19 GMT

GET
H2 200 Stegomalware%20Surge%20-%20Attackers%20Using%20File,%20Video,%20Image%20&%20Others%20to%20Hide%20Malware%20(1).png
i2-wp-com.cdn.ampproject.org/i/s/i2.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMPydlzm1VB8pv2DYooMGIS-EmGtUPAoLVOEJeGknuwcpIEoEBtTNTBAbM5Fz8uRHnrffi2YJIKqMrhYvQIoM0IEAiUd5oZj9QPetdF... 15 KB
15 KB 107ms
44ms Image
image/avif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-wp-com.cdn.ampproject.org/i/s/i2.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMPydlzm1VB8pv2DYooMGIS-EmGtUPAoLVOEJeGknuwcpIEoEBtTNTBAbM5Fz8uRHnrffi2YJIKqMrhYvQIoM0IEAiUd5oZj9QPetdFU4iMvfMIZ7cRyJZlMQmC42DxlK-9wg-6lih350ZpETDUMPy8kTwRKDDi5s3_s-KgBtGZBaCbDaBK2pX7vwUUA/s16000/Stegomalware%20Surge%20-%20Attackers%20Using%20File,%20Video,%20Image%20&%20Others%20to%20Hide%20Malware%20(1).png?w=700&ssl=1

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70f8b7276a2ea3e970fc28268df17b67e7576b62f998fac7ac4d1499c99bda4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15603
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 20:28:48 GMT
server: sffe
date: Wed, 10 Aug 2022 01:05:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
content-type: image/avif
vary: Accept, Origin
cache-control: private, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
expires: Wed, 10 Aug 2022 01:05:19 GMT

POST
H2 204 amp
csp.withgoogle.com/csp/ 0
0 625ms
599ms Other
text/html 2a00:1450:4001:82a::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/amp
Requested by: Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
DATA 200
OK truncated
/ 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60e7d3d3b27388f5e2342f465e7e2f7cc041e5e2898fb2a59f523d62f65b74b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Merriweather-Regular.ttf
gbhackers-com.cdn.ampproject.org/r/s/gbhackers.com/wp-content/plugins/accelerated-mobile-pages/templates/design-manager/design-1/fonts/ 108 KB
108 KB 38ms
37ms Font
application/x-font-ttf 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers-com.cdn.ampproject.org/r/s/gbhackers.com/wp-content/plugins/accelerated-mobile-pages/templates/design-manager/design-1/fonts/Merriweather-Regular.ttf

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b96cf372e58cf65f0d2b71f63c13d4612bdd92bd69a2528c2df139a702387163

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110188
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 09:27:42 GMT
server: sffe
date: Wed, 10 Aug 2022 01:05:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
expires: Wed, 10 Aug 2022 01:05:19 GMT

GET
H2 200 Merriweather-Bold.ttf
gbhackers-com.cdn.ampproject.org/r/s/gbhackers.com/wp-content/plugins/accelerated-mobile-pages/templates/design-manager/design-1/fonts/ 108 KB
108 KB 43ms
43ms Font
application/x-font-ttf 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers-com.cdn.ampproject.org/r/s/gbhackers.com/wp-content/plugins/accelerated-mobile-pages/templates/design-manager/design-1/fonts/Merriweather-Bold.ttf

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a20efeb90321fcb1f52eece95252fab023ab68d919123783399ec55dac82d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110212
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 14:22:59 GMT
server: sffe
date: Wed, 10 Aug 2022 01:05:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
expires: Wed, 10 Aug 2022 01:05:19 GMT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eac1eb0b7857697a7d9f1efb2ab0ca6c0bcc837ef5c63c7d19301fa60e7e8537

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edbad0bb6c295ef085bda449a2f216432e3b23c1519b6b041166578d966b115c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffc2867f77fc193c5ec39525fc4cbe4589c7f326694f588605c9e4284e3a56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97415e44b4afaba192d785b822600b5ac16baa3b285fb01c9c261075c18bc726

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f34b0007d57fe6234d8cbe40385e9260829ad887c785e043d586be9ad192c69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe1db5ec75bb73e75d24b8a345ddc4246f1a9c3144f90e7db34c355dd5655f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 XOrtti9lWcOE6edhUDvKSZDdaf6M9r2yYZYRZQJZozR9iK0YFfA82gIXfwr9vYPSX6mkoH5fXTKhnayYjCZQQTgutnby-s8NUaO8YFeG_qycZ7W9BCWzWPXAGZ3A5gc11poPgOP7669EbBdXP9V7YTI
lh5-googleusercontent-com.cdn.ampproject.org/i/s/lh5.googleusercontent.com/ 6 KB
6 KB 133ms
71ms Image
image/avif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5-googleusercontent-com.cdn.ampproject.org/i/s/lh5.googleusercontent.com/XOrtti9lWcOE6edhUDvKSZDdaf6M9r2yYZYRZQJZozR9iK0YFfA82gIXfwr9vYPSX6mkoH5fXTKhnayYjCZQQTgutnby-s8NUaO8YFeG_qycZ7W9BCWzWPXAGZ3A5gc11poPgOP7669EbBdXP9V7YTI

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90b2fef67a613192309718aaa2eb1e4770d7335fbc3c6ca66bd58c3c4b9b772c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5925
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 00:43:51 GMT
server: sffe
date: Wed, 10 Aug 2022 01:05:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
content-type: image/avif
vary: Accept, Origin
cache-control: private, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
expires: Wed, 10 Aug 2022 01:05:19 GMT

GET
H2 200 SwSvGrkQXbES31djDvtXK8xBFh5fwK3Yd5zVzoEcMDxBchQ7Qw4jV2XE7NYeHTTemUr6GopECQT4W-sY4k140Nnyk7NyyCA4rQvUu0_VKlViv6R1f_DuEzniTE44O3xYdA1A5FdnOfvqVjTYqM1JlCE
lh4-googleusercontent-com.cdn.ampproject.org/i/s/lh4.googleusercontent.com/ 51 KB
51 KB 59ms
44ms Image
image/avif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4-googleusercontent-com.cdn.ampproject.org/i/s/lh4.googleusercontent.com/SwSvGrkQXbES31djDvtXK8xBFh5fwK3Yd5zVzoEcMDxBchQ7Qw4jV2XE7NYeHTTemUr6GopECQT4W-sY4k140Nnyk7NyyCA4rQvUu0_VKlViv6R1f_DuEzniTE44O3xYdA1A5FdnOfvqVjTYqM1JlCE

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d1bf14e653ac18f74d0756b007529fa0db185b381ea864d3393d65b52b42c7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52391
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:47:28 GMT
server: sffe
date: Wed, 10 Aug 2022 01:05:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
content-type: image/avif
vary: Accept, Origin
cache-control: private, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
expires: Wed, 10 Aug 2022 01:05:19 GMT

GET
H2 200 y5ZC4sxGILx6BO8231IOkYo92uc_dSieDbUjJ2Kf8AT8ZvM_FIVr0NkGQ_kd3iz9OQYRBVG0kC3oWQtIZjkRSNFVAbgtu2CwjyHPD967VKMRTwQeWE7D48O0C70ezNBInLM9LriKX2y2ZOI_Il2RxzA
lh5-googleusercontent-com.cdn.ampproject.org/i/s/lh5.googleusercontent.com/ 51 KB
52 KB 150ms
88ms Image
image/avif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5-googleusercontent-com.cdn.ampproject.org/i/s/lh5.googleusercontent.com/y5ZC4sxGILx6BO8231IOkYo92uc_dSieDbUjJ2Kf8AT8ZvM_FIVr0NkGQ_kd3iz9OQYRBVG0kC3oWQtIZjkRSNFVAbgtu2CwjyHPD967VKMRTwQeWE7D48O0C70ezNBInLM9LriKX2y2ZOI_Il2RxzA

Requested by

Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72387f171eea989063847803b2d5789de079f476194f8a369038093bcd8a8be3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52671
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 01:01:47 GMT
server: sffe
date: Wed, 10 Aug 2022 01:05:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
content-type: image/avif
vary: Accept, Origin
cache-control: private, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
expires: Wed, 10 Aug 2022 01:05:19 GMT

GET
H3 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 7 KB
3 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c227fbf1e5b4a0fa0908cc8471e523df3fa25a82e1a1a0825198c77cf5262e14

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2835
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ffa9d34afbace805"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:13 GMT

GET
H2 200 sdk.js
connect.facebook.net/en_US/ 3 KB
2 KB 27ms
9ms Other
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d84ec7d6f279c211cdd1472922240d3608574f55b2951c1c94f585c96ea24bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kAf3itJqJswsbOPCr/t6kQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: /Vd7fvPcSxDAjEC2R8gNtln+LHMZ/yeQdVuDEGuouqOn18t3CvV10Dx9v4jD6RmOButO9H3cdFHjr4JOG2oqCg==
x-fb-trip-id: 686109401
x-fb-content-md5: a03c7fd77fdb1be12a54016b9dd85127
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 10 Aug 2022 01:05:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "dca90d9fa4086f054abb9555d3e05009"
timing-allow-origin: *
expires: Wed, 10 Aug 2022 01:19:02 GMT

GET
H2 200 frame.html
d-22344007212599137565.ampproject.net/2207221643000/ 0
0 78ms
16ms Other
text/html 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-22344007212599137565.ampproject.net/2207221643000/frame.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 facebook.mjs
3p.ampproject.net/2207221643000/vendor/ 22 KB
8 KB 68ms
8ms Other
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2207221643000/vendor/facebook.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19906e30c92b24fb1101b71e282722d957b89e54dbed2258dccc831b5b5e6bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 06 Aug 2022 09:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7597
x-xss-protection: 0
last-modified: Sat, 23 Jul 2022 08:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Aug 2023 09:27:58 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
126 B 38ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.4.3&blog=116523949&post=54317&tz=0&srv=gbhackers.com&host=gbhackers.com&rand=0.6294751755526036&ref=
Requested by: Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Aug 2022 01:05:19 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 666df6b58ed258a39995d5a62841b537e67860d4b0a11096f0b2366e661571d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 12 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

857bdb8e2ba2b971af964d3c4fafb96c572b43295907da0acb7dc9bd292d6262

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3835
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4be1e1546fa0c306"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:18 GMT

GET
H2 200 frame.html Show response
d-22344007212599137565.ampproject.net/2207221643000/ Frame 0180 507 B
773 B 57ms
15ms Document
text/html 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d-22344007212599137565.ampproject.net/2207221643000/frame.html

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-facebook-like-0.1.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a0c65f7421bf10b159566bb03e6584a97d65e757b129a7baaac7a14534a277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: br
content-length: 216
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 01:05:19 GMT
expires: Thu, 10 Aug 2023 01:05:19 GMT
last-modified: Sat, 23 Jul 2022 08:28:00 GMT
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
587 B 41ms
18ms Fetch
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=gbhackers.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Aug 2022 01:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin: https://gbhackers-com.cdn.ampproject.org
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0

GET
H2 200 nameframe.html
d-22344007212599137565.ampproject.net/2207221643000/ 0
0 55ms
23ms Other
text/html 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-22344007212599137565.ampproject.net/2207221643000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 amp-lightbox-gallery-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 56 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-lightbox-gallery-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fede9b6aae0574b268b02e80b6751427ab3033ac48561304568708db50f4a898

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16799
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b67d7fc2df9b017e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:16 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ 38 KB
11 KB 463ms
439ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&format=300x250&w=300&h=250&ptt=12&iu=3408087399&adk=2166028470&output=html&bc=7&pv=2&wgl=1&asnt=0-10704295372307519305&dff=Merriweather%2C%20%22Times%20New%20Roman%22%2C%20%22Times%2C%20Serif%22&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=1&pfx=0&adf=3124722825&nhd=0&adx=650&ady=76&oid=2&aexp=1002!1102&is_amp=3&amp_v=2207221643000&d_imp=1&c=541993001375&ga_cid=aefK59Kw6tbOSYrxOf54XIH-itWWHHqlTMunnQxa1oe9YAGfW9oPbww3vfmwpOHA&ga_hid=1375&dt=1660093519639&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fgbhackers.com%2Fstegomalware-surge-attackers-using-file-video-image-others-to-hide-malware%2F&loc=https%3A%2F%2Fgbhackers-com.cdn.ampproject.org%2Fc%2Fs%2Fgbhackers.com%2Fstegomalware-surge-attackers-using-file-video-image-others-to-hide-malware%2Famp%2F&bdt=249&dtd=39&__amp_source_origin=https%3A%2F%2Fgbhackers.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b35948c8aa479d6a99cbefa25db0fabc837d88af9688b326dc283017ad59acf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 01:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: nameframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9640
x-xss-protection: 0
amp-fast-fetch-signature: google:1:mfVbgRRCgzKo/En/WgJjbSUTFkJonKE5oBfFsW20i0+mvgy2TU1CpVLNlgS2MGEHDOXQlRN1kdpep5behEa6eKh2F+HgHzRFOg96+hS8svZ7H7UE56iuXpG3oYYMXaAg7j4ZSV/44ki+kwlWi+y7Wj5FOaNTkD1Ri1yX2GTxrAdWSuiR7oGJ0woKm6TvyqkwJKbETgdjbJ3CAnFPC77uSJDiUVlGbH4exuNbPHSdprZcgIHaZTXJveX7ItmXrt6JZNq/3jpdozLJdmSqJ93uSZGeRgzIUxUS25cy2TGNy8Ue9QkDlx+yYuUQCA9cQKwdp7dAdDELHwqqcj2pBMgy1w==
x-ampanalytics: {"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk1tTdXYhTGALM08j844E4OSI7M97ML622fFDXCmGKG6naqZQErMwS3M-X1ndU1fxHsjNZVZJi8ATAWuWu-AaI-CzBQ6Fhfi4W4sAEEooJSw53yanIl7NrF3g9OsxGIOwNeDwQc82LWxGd\u0026sai=AMfl-YQVflDRXk_MLpGeJ5WXyW6ce05jIh_NHPjU8N1XJ9hHuXERtEp3anQ4Zs7lxX-KV1NhPbrD7bsDGImE\u0026sig=Cg0ArKJSzEYo88pBPsEDEAE\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=2166028470"],"btrUrl":[]}
x-qqid: CPLfpaSKu_kCFUNw4AodDKEAJg
amp-access-control-allow-source-origin: https://gbhackers.com
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://gbhackers-com.cdn.ampproject.org
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-QQID,amp-ff-sandbox,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 10 Aug 2022 01:05:20 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ 34 KB
16 KB 449ms
426ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&format=300x250&w=300&h=250&ptt=12&iu=6361553794&adk=1393248651&output=html&bc=7&pv=1&wgl=1&asnt=0-29316961751825200636&dff=Merriweather%2C%20%22Times%20New%20Roman%22%2C%20%22Times%2C%20Serif%22&prev_fmts=300x250&prev_slotnames=3408087399&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&adf=505013372&nhd=0&adx=650&ady=4544&oid=2&aexp=1002!1102&is_amp=3&amp_v=2207221643000&d_imp=1&c=541993001375&ga_cid=aefK59Kw6tbOSYrxOf54XIH-itWWHHqlTMunnQxa1oe9YAGfW9oPbww3vfmwpOHA&ga_hid=1375&dt=1660093519641&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fgbhackers.com%2Fstegomalware-surge-attackers-using-file-video-image-others-to-hide-malware%2F&loc=https%3A%2F%2Fgbhackers-com.cdn.ampproject.org%2Fc%2Fs%2Fgbhackers.com%2Fstegomalware-surge-attackers-using-file-video-image-others-to-hide-malware%2Famp%2F&bdt=251&dtd=39&__amp_source_origin=https%3A%2F%2Fgbhackers.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce0edd136d606479850b49f2613b60f033b804366fe4c42ffeb188635333df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 01:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: nameframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
amp-fast-fetch-signature: google:1:ODO3TXH8yY7NtJ4LAyKJsC+OisMp2n3G5mkvDiXnbK5uTEdZ3KQoAtdXXe8+ACLaiHLBepPSoyXwknaYGvm2uR2lgNEnDNwmLS71V6DDNGou37ortId9D1s2QIlw85I3fQyl3Tpq1pT71fFGaLwtNwM9DVSimF+uqj0VnLn4m953L3sayKgBH24zCRkJQCkIYSMmdQYW7tQFNrSmrt4yKVczIn4TvxEBun21WpXduylN3TkDgy56pO7BJf8sZtlaxUqd1Hj+JyH3eajuyOI1NrgMmSnW+7Eqrp8vFT99rNRCZmtmOFqq2ge833nFaFEU4jcuHm9uGxf0kTzTNbDQSA==
x-ampanalytics: {"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCSCE_Q2Arh2QE9oYdY5OLx3rt-3AZDfSiU5zGqqgWE8ZBG-l2EQNvono3Yc8FPz63XQHGbhAOj3wu7Gwgyg7p0pis0SOxwI3B1-c_SMkQDiqv2f2nnaG-LaeGhigOq2dcnXMXchLVlx_y\u0026sai=AMfl-YQpZ9ReSmWAoZBuMdTL5hcaZPqUZadYmtgMjN1hhz9eMruoeJoAA8WU_ctiQWgASlkmNUkTSd6aPb_-\u0026sig=Cg0ArKJSzB_wws9b6Q4-EAE\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=1393248651"],"btrUrl":[]}
x-qqid: CMrspaSKu_kCFVNk4AodHX0EVQ
amp-access-control-allow-source-origin: https://gbhackers.com
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://gbhackers-com.cdn.ampproject.org
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-QQID,amp-ff-sandbox,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 10 Aug 2022 01:05:20 GMT

GET
H3 200 facebook.mjs Show response
3p.ampproject.net/2207221643000/vendor/ Frame 0180 22 KB
7 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2207221643000/vendor/facebook.mjs

Requested by

Host: d-22344007212599137565.ampproject.net
URL: https://d-22344007212599137565.ampproject.net/2207221643000/frame.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19906e30c92b24fb1101b71e282722d957b89e54dbed2258dccc831b5b5e6bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-22344007212599137565.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 06 Aug 2022 09:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7597
x-xss-protection: 0
last-modified: Sat, 23 Jul 2022 08:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Aug 2023 09:27:58 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 0180 3 KB
2 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: 3p.ampproject.net
URL: https://3p.ampproject.net/2207221643000/vendor/facebook.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d84ec7d6f279c211cdd1472922240d3608574f55b2951c1c94f585c96ea24bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d-22344007212599137565.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kAf3itJqJswsbOPCr/t6kQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: /Vd7fvPcSxDAjEC2R8gNtln+LHMZ/yeQdVuDEGuouqOn18t3CvV10Dx9v4jD6RmOButO9H3cdFHjr4JOG2oqCg==
x-fb-content-md5: a03c7fd77fdb1be12a54016b9dd85127
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 10 Aug 2022 01:05:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "dca90d9fa4086f054abb9555d3e05009"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 10 Aug 2022 01:19:02 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 0180 297 KB
84 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9cbe312ef47122630db8e43f97a95f58

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d88f9f50bf6f2a412f50881d24c274ac661fb2c072e29adb5691b60c3877db92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://d-22344007212599137565.ampproject.net/
Origin: https://d-22344007212599137565.ampproject.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CinjW24Oo5A6vP1wh//tDw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86403
x-fb-rlafr: 0
x-fb-debug: ejpPJzohIYZb5g76arOkmTIwOYlulyUa59KyI9ElVnNzVz7mnlU2uUyaJfsXoH4WXf5Tr0mOJoYzbPqWbFDSiA==
x-fb-content-md5: 19dfeaebecc1ccf788a265917e6fd07a
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 10 Aug 2022 01:05:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7496a8b327080f96a82684a0f74805e7"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 09 Aug 2023 16:38:20 GMT

GET
H2 200 like.php Show response
web.facebook.com/v2.5/plugins/ Frame 8615 0
3 KB 72ms
44ms Document
text/html 2a03:2880:f007:1:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17beb36f17aa3%26domain%3Dd-22344007212599137565.ampproject.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fd-22344007212599137565.ampproject.net%252Ff32ef1300eac328%26relation%3Dparent.parent&color_scheme=light&container_width=90&href=https%3A%2F%2Fgbhackers.com%2Fstegomalware-surge-attackers-using-file-video-image-others-to-hide-malware%2F&layout=button_count&locale=en_US&ref=&sdk=joey&share=false&show_faces=false&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9cbe312ef47122630db8e43f97a95f58

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:1:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d-22344007212599137565.ampproject.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 10 Aug 2022 01:05:19 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: /zGwWg3qtMuitMWS+a8JuCkMHoLvDfilrgsIpKGYt2//DRqKBYo22Pjs+BKSm3UI1lKXiQXndbnqvJXwwpSgIw==
x-xss-protection: 0

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012207221643000/v0/analytics-vendors/ 2 KB
931 B 8ms
8ms Fetch
application/json 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 540243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 901
x-xss-protection: 0
server: sffe
date: Wed, 03 Aug 2022 19:01:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4b6ddd49348c64a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 19:01:16 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 692 B
850 B 41ms
16ms Fetch
application/json 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fgbhackers.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b07598ab95725307430f7187cbd93a2f202c9c53e11507b9eb9b0a51e7862044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Wed, 10 Aug 2022 01:05:19 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 284
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://gbhackers.com
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gbhackers-com.cdn.ampproject.org
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&true&_s=1&dt=Stegomalware%20Surge%20-%20Attackers%20Using%20File%2C%20Video%2C%20Image%20To%20Hide%20Malware&sr=1600x1200&cid=aefK59Kw6tb...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88811382-1&cid=aefK59Kw6tbOSYrxOf54XIH-itWWHHqlTMunnQxa1oe9YAGfW9oPbww3vfmwpOHA&jid=0.5075154859079081&_v=a1&z=0.3252846273402128

35 B
430 B

62ms
21ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88811382-1&cid=aefK59Kw6tbOSYrxOf54XIH-itWWHHqlTMunnQxa1oe9YAGfW9oPbww3vfmwpOHA&jid=0.5075154859079081&_v=a1&z=0.3252846273402128

Protocol

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 10 Aug 2022 01:05:20 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Aug 2022 01:05:19 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88811382-1&cid=aefK59Kw6tbOSYrxOf54XIH-itWWHHqlTMunnQxa1oe9YAGfW9oPbww3vfmwpOHA&jid=0.5075154859079081&_v=a1&z=0.3252846273402128
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 427
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 14 KB
5 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 5 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 40 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:05 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 38ms
19ms Other
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 00:20:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 10 Aug 2022 01:05:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Aug 2022 01:05:20 GMT

POST
H3 204 amp
csp.withgoogle.com/csp/ Frame 2FFC 0
0 134ms
116ms Other
text/html 2a00:1450:4001:82a::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/amp
Requested by: Host: gbhackers-com.cdn.ampproject.org
URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 2FFC 5 KB
667 B 25ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 00:21:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 10 Aug 2022 01:05:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Aug 2022 01:05:20 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14901089852885037741/ Frame 2FFC 3 KB
3 KB 46ms
8ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14901089852885037741/downsize_200k_v1?w=100&h=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6364a43008373fe0446d237ae05ba78e12e854ea4ba10e22823e390d086f1693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:02:49 GMT
x-content-type-options: nosniff
age: 151351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2979
x-xss-protection: 0
last-modified: Fri, 27 Aug 2021 12:48:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 07:02:49 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6528039975527766319/ Frame 2FFC 14 KB
15 KB 46ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6528039975527766319/downsize_200k_v1?w=400&h=209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b3f9e0eec5b585b86c19bc175b155922daf524f542bba4703c5d1675e0f01b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:15:24 GMT
x-content-type-options: nosniff
age: 150596
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14771
x-xss-protection: 0
last-modified: Fri, 06 Mar 2020 14:22:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 07:15:24 GMT

GET
DATA 200
OK truncated
/ Frame 2FFC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e8ca124d4d79e7145843a06f49a0761faf6535ea190728c3ae189a7e012d21a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2FFC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2FFC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37606a72c482460fd0d7d3f4fa7e15e87c7251cb175b95db32eea64b6907d365

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 2FFC 44 KB
44 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers-com.cdn.ampproject.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 91991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 23:32:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2FFC 0
0 70ms
54ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/adview?ai=CzWvfTwTzYrL8K8PggQeMwoKwAo3-xvBoqcKLirkIg-iniOQgEAEgiqr2QmCV8p-CsAegAcixqc0DyAEBqAMByANKqgSdAk_QuhmWzZQCGZ8uDall7hlT0dfJvx-at3Ogfjf0eOjuQjhU9e3QRiW8A7GeDYVZVJIL5x866xUpqbEy4-rHl3sdgRJiGAE8XgI8mZzIYkNogPY3cuNj8Lw7tEb1KgpUHIkM7qx1oNOaqOV-XNdF17KrqFJrcoXjBvZNLSteYOHps-KU6ZpGKyQerUnEdU4GSK9T8HDaT0nwJ4Yv0kcwJTlxzgYlEQEHLgJwgQCzv5nwYuS7VsY9T5qUkRRNjgUeWlgygMFVYB-8K0M1dQTf27Z2W9J92GJSiK3OvMu6rvX9lLw40hEM2yeS3nkFSVBGG6EhHHWA8-KwpqQ4cxx_2nY4QX6aMthH2E3US07wX6w9tGNl7B8BJiVAR1mIJcAE0fb5neQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCy8RPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUFtAVAYAXAbIXHAoaCAASFHB1Yi01MzcyNzg2MTc0NzYwMjI4GAA&sigh=Du128x9OZjo&uach_m=[UACH]&template_id=5021
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 204 csi
csi.gstatic.com/ 0
327 B 761ms
251ms Image
image/gif 2404:6800:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?s=a4a&c=541993001375&slotId=0&qqid.0=CPLfpaSKu_kCFUNw4AodDKEAJg&dt=1660093519174&aexp=1002!1102&rls=2207221643000&adt.0=adsense&met.a4a.0=iniLoadCsiFriendly.1012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:800::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 01:05:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 csi
csi.gstatic.com/ 0
54 B 763ms
254ms Image
image/gif 2404:6800:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?s=a4a&c=541993001375&slotId=0&qqid.0=CPLfpaSKu_kCFUNw4AodDKEAJg&dt=1660093519174&aexp=1002!1102&rls=2207221643000&adt.0=adsense&met.a4a.0=renderStartCsiFriendly.1012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:800::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 01:05:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2FFC 3 KB
3 KB 28ms
14ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:44:16 GMT
x-content-type-options: nosniff
server: cafe
age: 33664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 12948112503563494795
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Wed, 10 Aug 2022 15:44:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2FFC 344 B
582 B 27ms
13ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:34:18 GMT
x-content-type-options: nosniff
server: cafe
age: 27062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 10 Aug 2022 17:34:18 GMT

GET
H2 204 csi
csi.gstatic.com/ 0
54 B 551ms
250ms Image
image/gif 2404:6800:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?s=a4a&c=541993001375&slotId=0&qqid.0=CPLfpaSKu_kCFUNw4AodDKEAJg&dt=1660093519174&aexp=1002!1102&rls=2207221643000&adt.0=adsense&met.a4a.0=visibilityCsi.1012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:800::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 01:05:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
497 B 86ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk1tTdXYhTGALM08j844E4OSI7M97ML622fFDXCmGKG6naqZQErMwS3M-X1ndU1fxHsjNZVZJi8ATAWuWu-AaI-CzBQ6Fhfi4W4sAEEooJSw53yanIl7NrF3g9OsxGIOwNeDwQc82LWxGd&sai=AMfl-YQVflDRXk_MLpGeJ5WXyW6ce05jIh_NHPjU8N1XJ9hHuXERtEp3anQ4Zs7lxX-KV1NhPbrD7bsDGImE&sig=Cg0ArKJSzEYo88pBPsEDEAE&id=ampim&o=650,76&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=1049&tls=2050&g=100&h=100&tt=2050&r=v&avms=ampa&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)&uafvl=UACH(fullVersionList)&uaw=UACH(wow64)&adk=2166028470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 01:05:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 14:29:49	Name: IDE Value: AHWqTUmsUEmWD4A6RGU4kIZFNNrENSBDCJbCCcuwMfWlTBmr4pHocOZDLh77U6Rreg8

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/ Message: The resource https://connect.facebook.net/en_US/sdk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/ Message: The resource https://d-22344007212599137565.ampproject.net/2207221643000/frame.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/ Message: The resource https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/ Message: The resource https://d-22344007212599137565.ampproject.net/2207221643000/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/stegomalware-surge-attackers-using-file-video-image-others-to-hide-malware/amp/ Message: The resource https://3p.ampproject.net/2207221643000/vendor/facebook.mjs was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * blob: data:; script-src 'sha256-0EzT5rjCdQIs7Zb99eHUlAOmKUanRXRrJoqJ+VYepto=' 'sha256-5CxqAdDXlHviOy7zxeRpMobzRK/JNpLvkS+k8Zj3L3A=' 'sha256-FIBGC/wl1Qfnh2Fb5NPFHmRty7BHJdDpWW1FZ8egppI=' 'sha256-UXYprBCAtnqoL5acf14iemip/+HI+gDFh92yyXkM3XI=' 'sha256-dKn2nAtwgzaaXC8ZM58hhldxNyeuu4qrzW4H9//9YMA=' 'sha256-i9nAf5M9USb+lB7ZtayKdAWymLU1MCklCTdsyXbMgCs=' 'sha256-wjUSvXYNfPUUTPZYrn4pOEcf2ecDdjd3N9Av3GDSwZw=' 'sha256-yAAlWuem9ue55JEvxkWhcWWA1Zu0p6cgbYtDWJjsdvs=' blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3p.ampproject.net
adservice.google.com
cdn.ampproject.org
connect.facebook.net
csi.gstatic.com
csp.withgoogle.com
d-22344007212599137565.ampproject.net
fonts.googleapis.com
fonts.gstatic.com
gbhackers-com.cdn.ampproject.org
googleads.g.doubleclick.net
i2-wp-com.cdn.ampproject.org
lh4-googleusercontent-com.cdn.ampproject.org
lh5-googleusercontent-com.cdn.ampproject.org
pagead2.googlesyndication.com
pixel.wp.com
stats.g.doubleclick.net
tpc.googlesyndication.com
web.facebook.com
www.google-analytics.com
www.googletagmanager.com
192.0.76.3
2404:6800:4001:800::2003
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2011
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9c
2a03:2880:f007:1:face:b00c:0:1
2a03:2880:f01c:8012:face:b00c:0:3
01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
0ce0edd136d606479850b49f2613b60f033b804366fe4c42ffeb188635333df3
13857df7ad8533fe15de0eed09d39c2888440ba6a604cc7b459b4c73318a37df
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
194ec37f605bf83fe6c3e880654b45503ca4db10b66dc21631739e377b0062a4
19906e30c92b24fb1101b71e282722d957b89e54dbed2258dccc831b5b5e6bd1
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
1f34b0007d57fe6234d8cbe40385e9260829ad887c785e043d586be9ad192c69
298bc0963a884e7ebdff91f81d2cec25e143c174fd5063f6a3b9c12f2b0163eb
2bf367c5c86ea251f94b495b3714e2f4235cb0ac4da70cf243db0b73efa036a2
34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
37606a72c482460fd0d7d3f4fa7e15e87c7251cb175b95db32eea64b6907d365
3d44b7120bc89ff5888e1f79a988bd09e88288c9c9973fcd10588d0b44475e87
42a20efeb90321fcb1f52eece95252fab023ab68d919123783399ec55dac82d6
4aae85d0c22a34dee9e71b7d0a2215632a10f5704a02c8a3df2ea86dace34443
4d1bf14e653ac18f74d0756b007529fa0db185b381ea864d3393d65b52b42c7c
4e8ca124d4d79e7145843a06f49a0761faf6535ea190728c3ae189a7e012d21a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
60e7d3d3b27388f5e2342f465e7e2f7cc041e5e2898fb2a59f523d62f65b74b7
6364a43008373fe0446d237ae05ba78e12e854ea4ba10e22823e390d086f1693
666df6b58ed258a39995d5a62841b537e67860d4b0a11096f0b2366e661571d5
70f8b7276a2ea3e970fc28268df17b67e7576b62f998fac7ac4d1499c99bda4d
72387f171eea989063847803b2d5789de079f476194f8a369038093bcd8a8be3
77a0c65f7421bf10b159566bb03e6584a97d65e757b129a7baaac7a14534a277
79b75dbe84c83dfc89fe8cca5654fc5983990fb9ed415de691e452df028b4c57
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
857bdb8e2ba2b971af964d3c4fafb96c572b43295907da0acb7dc9bd292d6262
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
90b2fef67a613192309718aaa2eb1e4770d7335fbc3c6ca66bd58c3c4b9b772c
924aace23e54fcf154a07509debd7336088b7546df4f6566062f477b6ed500a4
97415e44b4afaba192d785b822600b5ac16baa3b285fb01c9c261075c18bc726
9b3f9e0eec5b585b86c19bc175b155922daf524f542bba4703c5d1675e0f01b7
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a957e731dc9a2f6aa5439070945adb1b92e70ea8273d7bbc474a5137b1b16594
b07598ab95725307430f7187cbd93a2f202c9c53e11507b9eb9b0a51e7862044
b35948c8aa479d6a99cbefa25db0fabc837d88af9688b326dc283017ad59acf9
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b96cf372e58cf65f0d2b71f63c13d4612bdd92bd69a2528c2df139a702387163
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c227fbf1e5b4a0fa0908cc8471e523df3fa25a82e1a1a0825198c77cf5262e14
c6de68f8dda81ad747b06d66baae8eada6e508639dbeed71b03a2cdc4802e36a
d84ec7d6f279c211cdd1472922240d3608574f55b2951c1c94f585c96ea24bb6
d88f9f50bf6f2a412f50881d24c274ac661fb2c072e29adb5691b60c3877db92
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eac1eb0b7857697a7d9f1efb2ab0ca6c0bcc837ef5c63c7d19301fa60e7e8537
edbad0bb6c295ef085bda449a2f216432e3b23c1519b6b041166578d966b115c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7122d2ea6721b21f14ab27a9d871aed66b8d6312b910aa2fbbfc6a24dc6b2d6
fe1db5ec75bb73e75d24b8a345ddc4246f1a9c3144f90e7db34c355dd5655f0a
fede9b6aae0574b268b02e80b6751427ab3033ac48561304568708db50f4a898
ffc2867f77fc193c5ec39525fc4cbe4589c7f326694f588605c9e4284e3a56ab

gbhackers-com.cdn.ampproject.org Open in urlscan Pro 2a00:1450:4001:809::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

94 %IPv6

13 Domains

21 Subdomains

17 IPs

5 Countries

813 kBTransfer

1802 kBSize

1 Cookies

52 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gbhackers-com.cdn.ampproject.org Open in urlscan Pro
2a00:1450:4001:809::2001 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

94 %
IPv6

13
Domains

21
Subdomains

17
IPs

5
Countries

813 kB
Transfer

1802 kB
Size

1
Cookies

54 HTTP transactions
15 data transactions