gbhackers.com Open in urlscan Pro
104.21.34.223 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
Submission: On February 05 via manual (February 5th 2024, 5:24:31 pm UTC) from CA — Scanned from CA

Summary HTTP 227 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 19 domains to perform 227 HTTP transactions. The main IP is 104.21.34.223, located in and belongs to CLOUDFLARENET, US. The main domain is gbhackers.com. The Cisco Umbrella rank of the primary domain is 928828.
TLS certificate: Issued by E1 on January 3rd 2024. Valid for: 3 months.

This is the only time gbhackers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	104.21.34.223 104.21.34.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.251.167.95 142.251.167.95	15169 (GOOGLE) (GOOGLE)
17	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
62	172.253.62.132 172.253.62.132	15169 (GOOGLE) (GOOGLE)
2	152.199.5.152 152.199.5.152	15133 (EDGECAST) (EDGECAST)
17	142.251.167.157 142.251.167.157	15169 (GOOGLE) (GOOGLE)
2 7	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1 4	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 21	142.250.31.132 142.250.31.132	15169 (GOOGLE) (GOOGLE)
2	172.253.115.105 172.253.115.105	15169 (GOOGLE) (GOOGLE)
2	152.199.24.163 152.199.24.163	15133 (EDGECAST) (EDGECAST)
11	172.253.63.102 172.253.63.102	15169 (GOOGLE) (GOOGLE)
7	172.253.115.94 172.253.115.94	15169 (GOOGLE) (GOOGLE)
4	172.253.122.113 172.253.122.113	15169 (GOOGLE) (GOOGLE)
2	172.253.62.102 172.253.62.102	15169 (GOOGLE) (GOOGLE)
2	142.250.31.102 142.250.31.102	15169 (GOOGLE) (GOOGLE)
2	172.253.122.100 172.253.122.100	15169 (GOOGLE) (GOOGLE)
2	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
1	172.253.122.139 172.253.122.139	15169 (GOOGLE) (GOOGLE)
1	74.125.0.135 74.125.0.135	15169 (GOOGLE) (GOOGLE)
4	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
1 2	50.116.194.21 50.116.194.21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 7	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1 1	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.105.213.147 172.105.213.147	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	185.167.164.52 185.167.164.52	198622 (ADFORM) (ADFORM)
2 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
227	27

38 104.21.34.223 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gbhackers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.167.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 172.253.62.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f132.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.5.152 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.167.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.63.154 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.31.132 (Oxford, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bj-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.105 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.24.163 (United States)

ASN15133 (EDGECAST, US)

static.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.253.63.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f102.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.122.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f113.1e100.net

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f102.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.31.102 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f102.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f100.1e100.net

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f139.1e100.net

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.0.135 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s75-in-f7.1e100.net

rr2---sn-ab5l6nk6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.116.194.21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.115.156 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.213.147 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1867-147.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.52 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland) 1 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12324	10 MB
38	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	807 KB
38	gbhackers.com 1 redirects gbhackers.com — Cisco Umbrella Rank: 928828 staging.gbhackers.com Failed	852 KB
36	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com csi.gstatic.com	679 KB
14	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	152 KB
13	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	71 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	9 KB
6	linkedin.com 1 redirects platform.linkedin.com — Cisco Umbrella Rank: 3538 www.linkedin.com — Cisco Umbrella Rank: 632 px.ads.linkedin.com — Cisco Umbrella Rank: 349	324 KB
4	creativecdn.com 3 redirects creativecdn.com — Cisco Umbrella Rank: 564 cm.creativecdn.com — Cisco Umbrella Rank: 10608 ams.creativecdn.com — Cisco Umbrella Rank: 9710	2 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
3	wp.com stats.wp.com — Cisco Umbrella Rank: 2723 pixel.wp.com — Cisco Umbrella Rank: 2679	6 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 843 r.turn.com — Cisco Umbrella Rank: 4167	869 B
2	licdn.com static.licdn.com — Cisco Umbrella Rank: 2308	43 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 9026	600 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	715 B
1	googlevideo.com rr2---sn-ab5l6nk6.googlevideo.com — Cisco Umbrella Rank: 22567	856 KB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 2733	11 KB
227	19

	Domain	Requested by
62	blogger.googleusercontent.com
38	gbhackers.com	1 redirects gbhackers.com
21	tpc.googlesyndication.com	2 redirects pagead2.googlesyndication.com tpc.googlesyndication.com gbhackers.com googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	gbhackers.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
17	fonts.gstatic.com	fonts.googleapis.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	fonts.googleapis.com	client gbhackers.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
7	www.gstatic.com	gbhackers.com googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
4	www.googleadservices.com
4	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	www.linkedin.com	platform.linkedin.com gbhackers.com
2	creativecdn.com	2 redirects
2	c1.adform.net	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	static.licdn.com	www.linkedin.com
2	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	platform.linkedin.com	gbhackers.com www.linkedin.com
2	stats.wp.com	gbhackers.com
1	ams.creativecdn.com
1	cm.creativecdn.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	a.c.appier.net	1 redirects
1	px.ads.linkedin.com	1 redirects
1	um.simpli.fi	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	rr2---sn-ab5l6nk6.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	pixel.wp.com
0	staging.gbhackers.com Failed	gbhackers.com
227	35

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.indusface.com
news.google.com
nvd.nist.gov
www.continuitysoftware.com
blog.aquasec.com
www.manageengine.com

Subject Issuer	Validity	Valid
gbhackers.com E1	`2024-01-03` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-07-11` - `2024-07-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2023-08-02` - `2024-08-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
Frame ID: 436584F9BBFF2EED06F98010F64BB10A
Requests: 162 HTTP requests in this frame

Frame: https://gbhackers.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 53E1F9B84FE88F1C438325FC5C68013D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: E3F47DE5D68F81AAD6B9A342F37E021A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&adk=1812271804&adf=3025194257&lmt=1707153865&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_r&format=0x0&url=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~9~14&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707153865103&bpp=9&bdt=365&idt=226&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6827351143638&frm=20&pv=2&ga_vid=1967591128.1707153865&ga_sid=1707153865&ga_hid=1628165602&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42532523%2C44809005%2C44809530%2C31080825%2C95321957%2C95324155%2C95324161%2C95324266&oid=2&pvsid=2104204338625840&tmod=841211714&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=262
Frame ID: 112821DF6217234A0C89090B40B9FF6E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A0265D45B1864C400A94DDCAEFA76551
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 42A7D63B09EB09EBD79D2E5C2F2E0A85
Requests: 2 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=13218263&counter=bottom&xdOrigin=https%3A%2F%2Fgbhackers.com&xdChannel=86caf750-1801-498b-ba95-2a1b5ebb5123&xd_origin_host=https%3A%2F%2Fgbhackers.com
Frame ID: 9A9E4980941C579339E622E1BC72A929
Requests: 1 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=13218263&counter=bottom&xdOrigin=https%3A%2F%2Fgbhackers.com&xdChannel=86caf750-1801-498b-ba95-2a1b5ebb5123&xd_origin_host=https%3A%2F%2Fgbhackers.com
Frame ID: DD9F8CA10513CA99B1614C058BDD9DCC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5372786174760228&output=html&h=280&adk=1606071286&adf=430874041&pi=t.aa~a.1711906059~i.14~rp.4&w=702&fwrn=4&fwrnh=100&lmt=1707153866&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9720455393&ad_type=text_image&format=702x280&url=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=176&rw=702&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707153866552&bpp=2&bdt=1813&idt=-M&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6827351143638&frm=20&pv=1&ga_vid=1967591128.1707153865&ga_sid=1707153865&ga_hid=1628165602&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42532523%2C44809005%2C44809530%2C31080825%2C95321957%2C95324155%2C95324161%2C95324266&oid=2&pvsid=2104204338625840&tmod=841211714&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=115
Frame ID: E25B47222C00CF554FCCAE0B90F32B88
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 7EC82B39DC308BA69212C417A6BCFC78
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 4BED0572177CA5084C201B19EF56F1C9
Requests: 20 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019
Frame ID: E69DF1EF81E8E029BFD7E7890563A9F3
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 28400407058B49C03FC2AB4CCF69D482
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: B88D124C147AA4325DDABDCA16985740
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD66DCB2DF0083C2BBB06AE2A4FA45ED
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: B35552E45DBAF3FE9EE06E7B0A94CFB7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hackers Actively Exploiting Linux Privilege Escalation FlawDocument

Page URL History Show full URLs

https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Page URL
https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

227
Requests

93 %
HTTPS

0 %
IPv6

19
Domains

35
Subdomains

27
IPs

6
Countries

13651 kB
Transfer

19956 kB
Size

21
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/gbhackers/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/gbhackers_news
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.indusface.com/web-application-firewall.php?utm_source=gbhackers-top-banner&utm_medium=ppc&utm_campaign=managed-waf-usd-99
Title: <img width="728" height="90" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz4CD0Q4OzZn9OQtPUWOL5oAOyAPjFJuf_7OAdaq_SucoQ23W6lBaEC3598TNQKcf4kTuaR9jowkE1EQnnDuxwQ9KqvLEZc2u185ER9y9F_SuFiKTNHsA-A4l-w8pTXMGEckxmYgdKMyaqPTvOHbRbO7Kk2F5O6bQNv8FqTDXZyTrIU6h1JJc-7f48NVOL/s16000/Managed%20WAF%20-%20728x90.png">

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqKAgKIiJDQklTRXdnTWFnOEtEV2RpYUdGamEyVnljeTVqYjIwb0FBUAE?hl=en-IN&gl=IN&ceid=IN%3Aen
Title: <img width="100" height="50" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig8zaHB0FTKlmRZVt0d5XaaccsF_jbtXdlbA5eo4Zti-zsRfW-3tpEeHVNnKh7TYK4jMNNUQ-dQgOpQYc4uKme2BwCAGN8yIYKpiafBaLILOZevcg3U2jxj4A6zUfRU4unv2GmfgqVbUYfR7ejrmWkn6q999akECnuVZ5dt81r-y8ZTLwd9io5zH3koNTA/s1600/Google%20news%20%20blue.png">

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-4911
Title: CVE-2023-4911

Search URL Search Domain Scan URL

URL: https://www.continuitysoftware.com/webinar-ensure-cyber-resilient-with-the-new-dora-regulation/?utm_source=CyberSecurityNews
Title: Register Your Spot

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-9841
Title: CVE-2017-9841

Search URL Search Domain Scan URL

URL: https://blog.aquasec.com/loony-tunables-vulnerability-exploited-by-kinsing
Title: security researchers

Search URL Search Domain Scan URL

URL: https://www.manageengine.com/patch-management/?utm_source=GBHackers&utm_medium=Website-CPM&utm_campaign=PMP-300x600
Title: free trial

Search URL Search Domain Scan URL

URL: https://www.indusface.com/web-application-firewall.php?utm_source=gbhackers-banner&utm_medium=ppc&utm_campaign=managed-waf-usd-99
Title: Managed WAF Protection

Search URL Search Domain Scan URL

URL: https://www.indusface.com/zero-vulnerability-report-within-72-hours.php?utm_source=gbhackers-blog-cta&utm_medium=referral&utm_campaign=2024-jan-webinar-zero-vulnerability-report
Title: Register Your Spot

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Page URL
https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://gbhackers.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Request Chain 198

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODqg_3XQRCwCRiwCTIIkmDQmvwj6IE HTTP 301
https://tpc.googlesyndication.com/simgad/8698539365504761701

Request Chain 205

https://googleads.g.doubleclick.net/pagead/adview?ai=CorYgyRnBZbiVGYWNvPIP2J6-uAGukY3ddePaz_qWErnu8MiqARABIIqq9kJg_eiigfADoAGhwJjxKMgBCagDAcgDywSqBLACT9D4woeowMfP9hNbwvvekGJ24Wdi5GnVz3wkDyuBxSa3GCpVY45Q3doyFE0zBT9SKSOReMxYjq2vYjOQYUIcXykLGMjHsTbzYnw_ya_PmkOi5JM8S9EXMJ5NVSoJ3jQZsLFahhH2qutCBvvexH7m_dSq0uDMhwbL3aGE3pr1p_RH-3A04Budz0BhnFH3e_vGIWmkG5049meEdnyh1_l58O40h9uyVaMv4ArNx79dKE8TtrN94Kl2C1HRKgs-PrxU4X0I7oEt8KCRZD3Yo0C-N6gn8LW2E-m8Mpft8iV4SpO-QtgK1p6T6UqQ-CfvRzj3J2M_BI8HmMxbV78p5pk2LFYTXx0RfMyHyb5E_NB0TK-Ksm1F6R8nqEzUWAeWEyCeXhLj_wpmm41i_ZfAGYcn6cAE6u2DjNMEiAW65c_eTZIFBAgEGAGSBQQIBRgEoAYugAff57ieBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBDJ31PSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WP_G5d3blIQDmgmBAmh0dHBzOi8vd3d3LnRlbXUuY29tL2NhL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9Mzd-ZW5-Q0FEJmdvb2RzX2lkPTYwMTA5OTUxMzM2ODkwOCZfcF9yZnM9MSZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2JnX2FkaWQ9Z2QyMjQ0MDIxLTEmdG9waWNfY2xhc3NpZnk9MTA2gAoByAsB2gwQCgoQ0Kzaqa_YpN5DEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi01MzcyNzg2MTc0NzYwMjI4GAA&sigh=zyskDezq4M4&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_uHtqqfZqzsvhIPJKdRyob3N7DZVpnbA2CQo0Y1O1lFrp7QGpJZSdJOBgLEuGNt_78gOeugq9CFUOk1dIAaCVhf3CQme-7zTxURgB&template_id=494&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x804bbe4b7674e21a0000000000000000%22,%222%22:%220x91d26f93e99141630000000000000000%22,%223%22:%220xb44fd79da95ea1a10000000000000000%22,%224%22:%220x2cf4a524323d8b3f0000000000000000%22,%225%22:%220x531c4f15b456db6b0000000000000000%22},%22debug_key%22:%227491419296154664116%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225433924358560222657%22}&andc=true

Request Chain 224

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODqg_3XQRCwCRiwCTIIkmDQmvwj6IE HTTP 301
https://tpc.googlesyndication.com/simgad/8698539365504761701

Request Chain 226

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELOrNGF4rsmB2zRhUyEC4L8&google_cver=1&google_push=AXcoOmSgX9X4-1g3UVLSWqP2j3B2W3loXtoWYMOcfyd1rnap6S_kZ1IROaFlH3Ixi6TMeC0C0KiSXKpxXKIbHhutN2pHXzLCV88QJEH2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTIxNTY1OTg3NDU4MTk2NDUzNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELOrNGF4rsmB2zRhUyEC4L8&google_cver=1

Request Chain 227

https://um.simpli.fi/gp_match?google_gid=CAESEIVy2Lr1ZuV2YTllKfQQGpU&google_cver=1&google_push=AXcoOmQPddxBkKRgLUjrVpEk3_wiQZUvKMvnn8Ind92WrlTaHSayepXMT4MVo2RhoWj79P3bCL27tw9mfIimHAaIPJk1HqqUVchkNhl- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11EBE8E2B1A64B8B92292226676F7C09&google_push=AXcoOmQPddxBkKRgLUjrVpEk3_wiQZUvKMvnn8Ind92WrlTaHSayepXMT4MVo2RhoWj79P3bCL27tw9mfIimHAaIPJk1HqqUVchkNhl-

Request Chain 228

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIGi9GBlb6xHGJASAh6VKD4&google_cver=1&google_push=AXcoOmSN3Py22gl6K7JaU0tVfd_6FI0ABFLYQ05cJ8GTtnuq-SUFxgZ3asu-lgWpBaRMjkyX6cJ0lRTF5dszVPqeHkPrKtSzldTjGpTF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSN3Py22gl6K7JaU0tVfd_6FI0ABFLYQ05cJ8GTtnuq-SUFxgZ3asu-lgWpBaRMjkyX6cJ0lRTF5dszVPqeHkPrKtSzldTjGpTF

Request Chain 229

https://a.c.appier.net/gcm?google_gid=CAESEPpciaWYh58R1moMMdJzEeA&google_cver=1&google_push=AXcoOmSh3jn62Po6-FshBxeAHwTJWKtfXcJrgZrVsPad0GSbE9H3ZezKqCb-wLRgZyzwbfgnruQJ9TScoTmt0Xm3LBHGNKwGnRac91gm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WGtoaEZDMmFDVnFNWnB5RHpCbkJaUQ%3D%3D&google_push=AXcoOmSh3jn62Po6-FshBxeAHwTJWKtfXcJrgZrVsPad0GSbE9H3ZezKqCb-wLRgZyzwbfgnruQJ9TScoTmt0Xm3LBHGNKwGnRac91gm

Request Chain 231

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECb-mkZb6zpXVzyXcxpsI5I&google_cver=1&google_push=AXcoOmTcNcUqjJJQGNpV8xBeHX3NHg6DJsJHZTvZsbsJ58hwhtvs10MjFn7aGQn9iSrk3qcRr1ZcwprJrXlMX8zLtBjlOmzT-YVfbe8J HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECb-mkZb6zpXVzyXcxpsI5I&google_cver=1&google_push=AXcoOmTcNcUqjJJQGNpV8xBeHX3NHg6DJsJHZTvZsbsJ58hwhtvs10MjFn7aGQn9iSrk3qcRr1ZcwprJrXlMX8zLtBjlOmzT-YVfbe8J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQyNTc0OTE2OTMwMTg4MjUwMQ&google_push=AXcoOmTcNcUqjJJQGNpV8xBeHX3NHg6DJsJHZTvZsbsJ58hwhtvs10MjFn7aGQn9iSrk3qcRr1ZcwprJrXlMX8zLtBjlOmzT-YVfbe8J

Request Chain 232

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEENpOXQhpvCAWOL3vUvK7C0&google_cver=1&google_push=AXcoOmSiPDZhGS4xM6QVP4t62J21SVTEUpczyBNn6GjwtIvvWKROddwF9DHXTaBXd2_jrhKproEuqqDepOXhePR42sCxg2P5LMks0pha HTTP 302
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEENpOXQhpvCAWOL3vUvK7C0&google_cver=1&google_push=AXcoOmSiPDZhGS4xM6QVP4t62J21SVTEUpczyBNn6GjwtIvvWKROddwF9DHXTaBXd2_jrhKproEuqqDepOXhePR42sCxg2P5LMks0pha&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=2isVxo51js7LV-47ey4EhG-IlbKBy2gdBVOhxrQ52dI&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEENpOXQhpvCAWOL3vUvK7C0&google_cver=1&google_push=AXcoOmSiPDZhGS4xM6QVP4t62J21SVTEUpczyBNn6GjwtIvvWKROddwF9DHXTaBXd2_jrhKproEuqqDepOXhePR42sCxg2P5LMks0pha&tc=1 HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5 HTTP 302
https://ams.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5

Request Chain 241

https://googleads.g.doubleclick.net/pagead/adview?ai=CP5N1yhnBZc2_K_vGvPIPpcy3oA-ukY3ddePaz_qWErnu8MiqARABIIqq9kJg_eiigfADoAGhwJjxKMgBCagDAcgDywSqBLgCT9A8AH6ZK1sM-cmDRcEE7XIEo12dfSLfaD4a3F7okMRsNWwpyQYJXuxidKmLFY3T5ELe3T0tjpdMl_6iGZQniURsQHu0dXFSwwv0jTw3nzn0VMPcwDLXp6f8HASykEpO7w_qTkvroA7JIkakybbusgw5BQjfsq_20XtXYekM6wSQRZTkH6oq3DBZ4YQ0WKPy0to3x4vE7G6IPAOy5z4BuVMPt2PxnE0LZ55ewYRxnCDHdE432arNmhne1-NDPREcXhQwl1THEE9qLw4Hwkxcyxew4LYqBWgma0JH5s99hzbuwvQgTotapntWq2nHWw7bIhI3LL_CS_6_5YPl8L3g3P7kZe0qH_W6R46-4mTqJpAEiQuj4_E3W6Mlmwc98XkCYOnS67eQcLKxKx53Lp5osdAIMV7MHaKswATq7YOM0wSIBbrlz95NkgUECAQYAZIFBAgFGASgBi6AB9_nuJ4EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEENH_OtIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY3fa03tuUhAOaCYECaHR0cHM6Ly93d3cudGVtdS5jb20vY2Eva3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0zN35lbn5DQUQmZ29vZHNfaWQ9NjAxMDk5NTEzMzY4OTA4Jl9wX3Jmcz0xJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYmdfYWRpZD1nZDIyNDQwMjEtMSZ0b3BpY19jbGFzc2lmeT0xMDaACgHICwHaDBAKChDAo_rnia7BokgSAgED2BMM0BUBgBcBshccChoIABIUcHViLTUzNzI3ODYxNzQ3NjAyMjgYAA&sigh=3hTKiw7mtRo&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAAvHhf_0bJqirzZiFN4s4BslqwqM22B4wqlnhBW9lPeEVV9Yim7DdsnEXryCFXaOU-q5wYTUoLUsR7qyhgB&template_id=494&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x804bbe4b7674e21a0000000000000000%22,%222%22:%220x91d26f93e99141630000000000000000%22,%223%22:%220xb44fd79da95ea1a10000000000000000%22,%224%22:%220x2cf4a524323d8b3f0000000000000000%22,%225%22:%220x531c4f15b456db6b0000000000000000%22},%22debug_key%22:%2216014411165118801108%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227901755299727304673%22}&andc=true

227 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ 492 KB
64 KB 334ms
272ms Document
text/html 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2796e1361ce7a2f174509e99243965f1e0917601d10f2aead6fc7f9251019c04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 850cd8c048faa20a-YYZ
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 17:24:23 GMT
link: <https://gbhackers.com/wp-json/>; rel="https://api.w.org/" <https://gbhackers.com/wp-json/wp/v2/posts/77674>; rel="alternate"; type="application/json" <https://gbhackers.com/?p=77674>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BhBVnHpOUHKeLRS3QP%2F5kaPa2imtPtYFsOopnoh7QLf0%2BApOm4fZwmsV0Va%2Bf02EkOhPJHfw5EerkIl35Gmct74WqVtZ%2B7CFxRft8fjDRMn83BRDv67io%2FcDVVftVFy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-pingback: https://gbhackers.com/xmlrpc.php
x-turbo-charged-by: LiteSpeed

GET
H2 200 b78c0fddc3cb107c8e95c7a06f26ab2e.css
gbhackers.com/wp-content/litespeed/css/ 1 MB
141 KB 64ms
63ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/b78c0fddc3cb107c8e95c7a06f26ab2e.css?ver=2c857

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b17e07b3111c0378867cf2f79a0f7c0f348afdc4288de08a7b2b63663eef207

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20747
cf-polished: origSize=1117907
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 05 Feb 2024 11:25:24 GMT
server: cloudflare
etag: W/"110ed3-65c0c5a4-3a62af7c2954106f;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxS7zotXT4OMZfnrwV2X5tfREHsni%2BY2NTF0Q81RHyt%2B8ClbKJqO3%2BlAeduhyJ4gcl4PPx5qWgFxAPRp8d8fwDMrOvMQf8M7wZnRmhwIRLrkkjrZMDvFLWfxdSsNuhRH"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c20c06a20a-YYZ
expires: Tue, 04 Feb 2025 17:38:37 GMT

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 233f2b2d1dc2196f93c236a30a61cbea0a794a1241fc50a85baac3720a95d65d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98a9871b1d3a0a44ad7e7de96d6af7a365c9c86f7524358189169ba2724ed6a4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d49a8f03d0407fedabe49d6db487ad62e4d387c595bcf2a88b623de11fa0e1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adb65669c9ada12a5c7a102979d8bf26cb39baeb296e836bc06ea6f0c8ed4f4f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
517 B 107ms
42ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 16:01:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 17:24:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 107ms
41ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

32ae247e879a3b1b2405758e18afb6c4d3b4ff120090ade83f320df4681c1ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:24:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 17:24:24 GMT

GET
H2 200 rocket-loader.min.js Show response
gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 44ms
43ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 18:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b94449-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPcIzKUDXJzQG7cZ4vOiSceQ3MQ435jOPqz90PQv4kn3pw9EfBl8x66p4%2F9dQ8jqgTPNZP5LjmhbsVcf76DqTRFzG68tTG8qaUJtizdwZJg%2BC%2BoOXLNWuresu%2FvXmm9L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 850cd8c25c7aa20a-YYZ
expires: Wed, 07 Feb 2024 17:24:24 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5542c4510ca401b310518148c408ba1c52a97e35ac3a0dde456230b6894a6ed

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 email-decode.min.js Show response
gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 27ms
27ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 18:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b94449-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLpypdwL6FX3n8CLqUNeA%2BH0KsCprBWKb6hgjqHNgDA5%2BS%2Bnd3kIEQU4IBzndwASPowOe%2F1GAOG5CVHht%2Fyn2hDn9LQDtmrxX6BsZbQiG9jQ3q%2B0tkqFB9p1p0q0%2Bx1H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 850cd8c25d173700-YYZ
expires: Wed, 07 Feb 2024 17:24:24 GMT

GET 2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg
staging.gbhackers.com/wp-content/uploads/2023/08/ 0
0

GET
H3 200 newspaper.woff
gbhackers.com/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 38ms
38ms Font
font/woff 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?221

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/b78c0fddc3cb107c8e95c7a06f26ab2e.css?ver=2c857

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gbhackers.com/wp-content/litespeed/css/b78c0fddc3cb107c8e95c7a06f26ab2e.css?ver=2c857
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8224189
alt-svc: h3=":443"; ma=86400
content-length: 33488
last-modified: Fri, 11 Aug 2023 11:01:29 GMT
server: cloudflare
etag: "82d0-64d61509-93ce23cc59205ee5;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4DXPRuZgduiKWio2FOaeqQjXN9VF7C9pVoB1Wulp7LwTKgVIdfsVRF9l%2Bi7tZMG5qh9u0EQF8bFxqPddTTtrc6zNmS32wqat2uYfPayPmEKR6trOH1Nfwgi%2BudxkNQZ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 850cd8c2ee223700-YYZ
expires: Fri, 01 Nov 2024 18:54:34 GMT

GET
H3 200 fontawesome-webfont.woff2
gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 75 KB
76 KB 63ms
63ms Font
font/woff2 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/b78c0fddc3cb107c8e95c7a06f26ab2e.css?ver=2c857

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gbhackers.com/wp-content/litespeed/css/b78c0fddc3cb107c8e95c7a06f26ab2e.css?ver=2c857
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5804612
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Fri, 11 Aug 2023 11:01:47 GMT
server: cloudflare
etag: "12d68-64d6151b-8994aa5bb479bd34;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TemDDA2l5dlO8KcO%2BngBobMiexmwWAHpXRrQ1jK7EsRdNXXacH6RqsjcngHlsaHZVy5TBES1ggeE1AYnJUkJEYzgXaiGKthv5wZ3NS38Pcmn1Hls45Q0%2B4kQe%2B%2BvlVoM"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 850cd8c2ee233700-YYZ
expires: Fri, 29 Nov 2024 19:00:52 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 108ms
39ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:10:42 GMT
x-content-type-options: nosniff
age: 375222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:10:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 101ms
41ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:31:21 GMT
x-content-type-options: nosniff
age: 373983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:31:21 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cd1aa3320ac7c4b14118aa9ea4d422041f089d53cb3ddbc61dbad69eb1fd12e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc915c1f3bb527c0ad9c102c5f6004c9e5a84a5ba637a76b13611e66eb6487f2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b1748d8cea8b7f3eeace07cef59dfb618e116d46b2a1bd8cdab1bdbcf716590

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37552f69514fecd835ff9c729be34b76f064fd722ce5bdeea316015fde5ac027

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 e-202406.js Show response
stats.wp.com/ 7 KB
3 KB 77ms
24ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202406.js
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT yyz
date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356930.8542
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 16:05:18 GMT

GET
H3 200 instant_click.min.js Show response
gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
2 KB 36ms
36ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=5.7.0.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 5903997
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 10:27:30 GMT
server: cloudflare
etag: W/"e63-65437992-99415a2fab1e9c2e;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BALJKqaAWqvl1plOJwbvmdwYBm%2FmxEesbawaBkDA9D7jiOoVTq29dDYp%2BhShOZzpI8hEishyrbNLwBXBcjeRf9K05bn1X8ucO1Vn3T8LMmMBx6WhOB3VG4JemSgbw%2B2Z"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c408c73700-YYZ
expires: Thu, 28 Nov 2024 15:24:27 GMT

GET
H3

200

main.js Show response
gbhackers.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 53E1
Redirect Chain

https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://gbhackers.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 KB
4 KB

33ms
33ms

Script
application/javascript

104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Protocol

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb2427a244934b7e1f0439dd1320bfb2a899cbfb9b8fd1e4ad28b53dfe2b07be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txXyejDZfniSKVJykvF%2BsH4zKwpP%2B4Pvq2e6CDgVhsh73IOIXffb3Gue68Aw96Rk076gbmN%2BD3IBZ9tprci2wwcNreLjOxJjoNIdA97%2FOUE40hw3%2BH45iBgUlr8u%2BLFf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 850cd8c4698a3700-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 05 Feb 2024 17:24:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEKQ0FsS0UDHEL%2F1HdfgCZ%2FICqIFnN5WLZVwu2YLhgn3rtW7ytqEePyhV5f8ljXidSf3HLgvemxWUqlJNJ3gSzQhrJnX7Dldff0i1HmJn1N19fk%2BvePgNm3A9W9it1gu"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 850cd8c418fc3700-YYZ
alt-svc: h3=":443"; ma=86400

POST
H3 200 guest.vary.php
gbhackers.com/wp-content/plugins/litespeed-cache/ 16 B
668 B 205ms
205ms Fetch
text/html 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/litespeed-cache/guest.vary.php

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-litespeed-cache-control: no-cache
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxmkQ3UpAnHF9cl2WYqqXE6wSACz1nKfiXLrvN8n6NzwAARzaLMl5FQOTsW5EGg3AYpnxk65Xf9ZweqrseEKhrXzlOWnfJheiInjRKEBcudeeJLLnuIQz%2BmZs6FmR3GA"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 850cd8c439413700-YYZ

GET
H3 200 GBHackers-On-Security-272-x-90-px-322-x-50-px-422-x-50-px.png
gbhackers.com/wp-content/uploads/2023/08/ 10 KB
11 KB 36ms
35ms Image
image/png 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbhackers.com/wp-content/uploads/2023/08/GBHackers-On-Security-272-x-90-px-322-x-50-px-422-x-50-px.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc4360c0a29af7e975e2ad9dc76f951e49628535a6de8003b5675d428e353c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5726672
alt-svc: h3=":443"; ma=86400
content-length: 10504
last-modified: Sat, 16 Sep 2023 05:39:29 GMT
server: cloudflare
etag: "2908-65053f91-b289ce6b35e4e18e;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ur9IUIqPxaFu29D4D0ILBbh%2FtHz%2Fe%2BB%2FqaEiN9HHCyKd7dt7wI8dpGHEWXeaD6v8TsjYtq4MEuMQ52Xzk%2FT9D3BKajdwfkMlgwygz3ajAkUfw34kWwtM2StU2agA6WjJ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 850cd8c499ea3700-YYZ
expires: Sat, 30 Nov 2024 16:39:52 GMT

GET
H2 200 Managed%20WAF%20-%20728x90.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz4CD0Q4OzZn9OQtPUWOL5oAOyAPjFJuf_7OAdaq_SucoQ23W6lBaEC3598TNQKcf4kTuaR9jowkE1EQnnDuxwQ9KqvLEZc2u185ER9y9F_SuFiKTNHsA-A4l-w8pTXMGEckxmYgdKMyaqPTvO... 21 KB
22 KB 262ms
192ms Image
image/png 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz4CD0Q4OzZn9OQtPUWOL5oAOyAPjFJuf_7OAdaq_SucoQ23W6lBaEC3598TNQKcf4kTuaR9jowkE1EQnnDuxwQ9KqvLEZc2u185ER9y9F_SuFiKTNHsA-A4l-w8pTXMGEckxmYgdKMyaqPTvOHbRbO7Kk2F5O6bQNv8FqTDXZyTrIU6h1JJc-7f48NVOL/s16000/Managed%20WAF%20-%20728x90.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v5de7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Managed WAF - 728x90.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21973
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:24 GMT

GET
H2 200 Google%20news%20%20blue.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig8zaHB0FTKlmRZVt0d5XaaccsF_jbtXdlbA5eo4Zti-zsRfW-3tpEeHVNnKh7TYK4jMNNUQ-dQgOpQYc4uKme2BwCAGN8yIYKpiafBaLILOZevcg3U2jxj4A6zUfRU4unv2GmfgqVbUYfR7ej... 4 KB
4 KB 299ms
229ms Image
image/png 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig8zaHB0FTKlmRZVt0d5XaaccsF_jbtXdlbA5eo4Zti-zsRfW-3tpEeHVNnKh7TYK4jMNNUQ-dQgOpQYc4uKme2BwCAGN8yIYKpiafBaLILOZevcg3U2jxj4A6zUfRU4unv2GmfgqVbUYfR7ejrmWkn6q999akECnuVZ5dt81r-y8ZTLwd9io5zH3koNTA/s1600/Google%20news%20%20blue.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v5abc"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Google news blue.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3620
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:24 GMT

GET Hackers%20Actively%20Exploiting%20Linux%20Privilege%20Escalation%20Flaw%20to%20Attack%20Cloud%20Environments.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2e3UhFjK6kw096Xrt8MoJYffOOHdoQvN8fZL5YkegZxCPAWLieu5mAfk1OX-vOAJfrqS_ub7892zyU-4kJoKlbpsWTeQcPZsSEpaDPn3nQMx1jdbolvIO6eMEhduZwxMD7fQ2v5XL3xNedgYB... 0
0

GET gbhackers-waf-banner-300x600.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggxrET8rL53qWvxNg0ojgbDwhKZUmlLqGRzzfXePO67o4NYLh0rAXrh94aQcN0k8EB1cge5SlSrZ42GgQgjwsxqYAEkfzyYPTOtaQzOjdx4grNJfxFnnp7ei-h6DN35p1Jx3I6LKIO33fXMa31... 0
0

POST
H3 200 850cd8c048faa20a
gbhackers.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 53E1 0
575 B 61ms
60ms XHR
text/plain 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/cdn-cgi/challenge-platform/h/g/jsd/r/850cd8c048faa20a
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToI2djYCtgsW54EUlWKld7gVSSqwt9NfeH6cKWKAbjYQAJuLfPeS2NETs5dWTtcg85Genqe8xC5Mp0B%2BvLjMF%2F1AwCxN6ZtIGrGIlOiACYDhPlXYjCYc5o5aQUEJzipP"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 850cd8c53ba43700-YYZ
alt-svc: h3=":443"; ma=86400

POST
H3 200 850cd8c048faa20a
gbhackers.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 53E1 0
582 B 61ms
61ms XHR
text/plain 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbhackers.com/cdn-cgi/challenge-platform/h/g/jsd/r/850cd8c048faa20a
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBaRB5IyY54y5a936BypTNA%2BEMsIbxqeTy5hkV%2BB6zk3xWH5b9ODzxsytLGCOPrG4rh%2BnPhySdURRY5%2FceldWmXUdQuOnf8qNCubaCJzXbBg57taaxfKy3EKCqxmFglr"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 850cd8c5dd083700-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request / Show response
gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ 498 KB
65 KB 130ms
130ms Document
text/html 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99fda8b2abb0af6ab90ee32a785a3908a8c07a7ba29491fcef044795b0360995

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 850cd8c5dd193700-YYZ
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 17:24:24 GMT
link: <https://gbhackers.com/wp-json/>; rel="https://api.w.org/" <https://gbhackers.com/wp-json/wp/v2/posts/77674>; rel="alternate"; type="application/json" <https://gbhackers.com/?p=77674>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgaFpozrfH%2BmiINpgRcIqAZ%2B9gXmI%2BLwEWpJD0Y1o7vmeCP3SjCHLtbD2g%2FzjV0oOfVKdAlszKhbpBPkFDrbGpOEqhdXuv3mUDQp0KSbJL6hMJcSyb1Yi4DWN9qR1fTr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-pingback: https://gbhackers.com/xmlrpc.php
x-turbo-charged-by: LiteSpeed

GET
H3 200 b07551821deafed18860688967539e97.css
gbhackers.com/wp-content/litespeed/css/ 107 KB
15 KB 45ms
44ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/b07551821deafed18860688967539e97.css?ver=02988

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eef46dddc1cd02fd80cd4b37cffbe963ebfda495cb316937805be4595d2e112

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477342
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 04:48:38 GMT
server: cloudflare
etag: W/"1ad2c-65b9d126-dd84b3439ce4b428;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVsStceDwkJSQL867suuvCm0w8VBZVgE%2Bj0W2FXBhvksz4Z4U9PfMUEsqS6%2BDaKrOC3MZSx0cHuYd612B3BgCZXG6rMi7Qgf%2B92owa1ETk75jMuyB5sR5QVpa4DXx%2Fby"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bef43700-YYZ
expires: Thu, 30 Jan 2025 10:48:42 GMT

GET
H3 200 7a094d7f8e2c386f14fee69e7794002b.css
gbhackers.com/wp-content/litespeed/css/ 11 KB
3 KB 40ms
37ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/7a094d7f8e2c386f14fee69e7794002b.css?ver=6a393

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1450508
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 19 Jan 2024 22:28:41 GMT
server: cloudflare
etag: W/"2c47-65aaf799-789272ff78154562;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwQR2oC4aclyLYmvHtQHQwn%2BRE%2BviGxDvolTXJgpqWwv4blacsy5Gb%2FOPT7G%2BNFrv0vUdppCLB2PNv0nOzM%2FFQcwkUMy8Ksq5Vr2crJrwgRe1EkmiujtasuaQoQD3YGN"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bf013700-YYZ
expires: Sun, 19 Jan 2025 04:29:16 GMT

GET
H3 200 3bf9892e971db026ebc7f0a5a5050d05.css
gbhackers.com/wp-content/litespeed/css/ 4 KB
2 KB 41ms
38ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/3bf9892e971db026ebc7f0a5a5050d05.css?ver=b5f59

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477342
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 04:48:38 GMT
server: cloudflare
etag: W/"105a-65b9d126-46de7bce81708307;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmyB9Cp6O6pKDO1m6iY5o2O5%2BSr69nT0wLicznXGOJN7csP1U7a05HFX35TKAH1vgIMObnOHONK%2BPNvH%2BNrfNPy3tj8VuSTqwZ%2FnkAketZePWuxejW0WMbO20JQStTUL"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bf083700-YYZ
expires: Thu, 30 Jan 2025 10:48:42 GMT

GET
H3 200 b76acefd1f0a6b0d32407291bad2eeac.css
gbhackers.com/wp-content/litespeed/css/ 5 KB
2 KB 39ms
36ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/b76acefd1f0a6b0d32407291bad2eeac.css?ver=82142

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fda5ff8910b86411087b7c4c614e66b41eea77a892c9e816840f46c5fb8e9d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5900576
cf-polished: origSize=5456
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 10:21:27 GMT
server: cloudflare
etag: W/"1550-656710a7-af2d2d7541ed9a14;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8iAY4jRuxamqhP8FHEZhYXvnyzbiU86HanANtfWiNEKKmZbcjx7kvCdvfgapgF6g%2BtFz8zDCoevfs4W677yOsQ4uoaj%2BGWf5jHF%2BHcko8875i9%2B7%2FKLhD27oKPQkk2C"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bf0e3700-YYZ
expires: Thu, 28 Nov 2024 16:21:28 GMT

GET
H3 200 c31f820e1c0ed5aeebb8bb3728e10ace.css
gbhackers.com/wp-content/litespeed/css/ 34 KB
5 KB 43ms
41ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/c31f820e1c0ed5aeebb8bb3728e10ace.css?ver=3b17e

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73f5ed5132b2f16e83906cdafeb4b12d5d047e7474527c9020df0312df6ba816

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5892562
cf-polished: origSize=35311
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 12:35:01 GMT
server: cloudflare
etag: W/"89ef-65672ff5-13fa49281e8d3958;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZ%2Bh6xtVhLUHr4ruuzAwBosa2E%2FnbfDDSfZa3uIZizdGs7nX4%2BMo%2BTYGP9FG6o49bbK723lWeHKJ%2B2cYEWgmAcs1xo%2FRLuW1DOQHh5fi2XYsr5zJoJ4yE1BuiJLNU9Nf"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bf0f3700-YYZ
expires: Thu, 28 Nov 2024 18:35:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 42 KB
3 KB 46ms
43ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPoppins%3A500%2C600%2C700%2C400%7CNiramit%3A500%2C400%7CRubik%3A500%2C400%7CRed+Hat+Display%3A400%7CSpace+Grotesk%3A700%2C400%7CMontserrat%3A700%2C400&display=swap&ver=12.5.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

8dc26caf0d8fc5f38e3b7768563088dafa8faf717d2f8ef6fa67f35749aae4dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:24:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 17:24:24 GMT

GET
H3 200 c6a1c558f9599505e674dc121522b8d2.css
gbhackers.com/wp-content/litespeed/css/ 35 KB
7 KB 41ms
39ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/c6a1c558f9599505e674dc121522b8d2.css?ver=a567c

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb978b753755834b23783cb48a512f099cee571a35418efdac64ed162049617d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5972984
cf-polished: origSize=35637
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 14:14:32 GMT
server: cloudflare
etag: W/"8b35-6565f5c8-4b88fc9a16cfcac7;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDlqzrWg%2BLj9X1hXQ5XLTHqAZBOhXXxucMiJzBK7LKghdJ3p2YvyTPQ2X8WlgfR0jGniBuYo9QTa%2Bp7iHX1DA14txSC7lQcGvCYXQOy3UeeZ3yF%2BgyOTfPMha36u41KF"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bf113700-YYZ
expires: Wed, 27 Nov 2024 20:14:40 GMT

GET
H3 200 3634cf0217589f9ac478a28ad0aa8ec4.css
gbhackers.com/wp-content/litespeed/css/ 107 KB
21 KB 64ms
63ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=c045b

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4a37cd111f96d393d31dcba0f281b16903bf1a7b7c916aab33a5bdd198ae890

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5978293
cf-polished: origSize=109713
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:46:10 GMT
server: cloudflare
etag: W/"1ac91-6565e112-b488e93676b412f9;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKbHBKLfSUiWuTfc9LDSJF9dkq4cUpZjhy8ezRKaQ8wEBEREvCvpH32l3uVjUuy8gL3qclqIDNw0z8K51w5QXR5XA%2B4v%2FRH7N8RNnvyS19Wppn0cL9uEvOT5smJzWbfi"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bf133700-YYZ
expires: Wed, 27 Nov 2024 18:46:11 GMT

GET
H3 200 568c797d9a70722a4d648f956f12702e.css
gbhackers.com/wp-content/litespeed/css/ 133 KB
22 KB 43ms
42ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/568c797d9a70722a4d648f956f12702e.css?ver=d3a0a

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

046717d70366ca33bb3789d121ca3e84583e66c783b6dd879da77994cc77a16d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5900576
cf-polished: origSize=136923
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 10:21:27 GMT
server: cloudflare
etag: W/"216db-656710a7-dd84b3439ce4b428;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19sRoeAW7HPrdxje%2B2AThakEgSyQoRm4vh3LTh0uIiU0ET4wDxfH7ptDogAUbAZDBQV3sg1Ou9x%2FjZYwspVpcytyqpuynt15jdXuhJ3Z2ADcsOmsmxzeYskZS6CVVh2q"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bf143700-YYZ
expires: Thu, 28 Nov 2024 16:21:28 GMT

GET
H3 200 2e97590493d4e9d98dbf42dad3a70813.css
gbhackers.com/wp-content/litespeed/css/ 514 KB
50 KB 67ms
65ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/2e97590493d4e9d98dbf42dad3a70813.css?ver=fcb5c

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fcf6fe53e66f96bcb2ea0880cd46f587d94cb50ce0eeae6782c27a406ad18b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5978293
cf-polished: origSize=527968
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:46:11 GMT
server: cloudflare
etag: W/"80e60-6565e113-13fa49281e8d3958;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WmXsA8KvrpPB0C2f4x8F5ZYRaut%2F8jy%2FzNZwXUr7nQphlpVv0sGNv5hw2dqsqvwFC3DEwjDKUC5sACkK2t%2BmGQJkrBIVqyTuet2dk4yEMw6CcdQ%2BSG4HMUo8Vn5OLEY"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bf173700-YYZ
expires: Wed, 27 Nov 2024 18:46:11 GMT

GET
H3 200 d70781104619c8043391f015873e7343.css
gbhackers.com/wp-content/litespeed/css/ 41 KB
8 KB 68ms
67ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/d70781104619c8043391f015873e7343.css?ver=a7f45

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5a19169357b9ffe3b21c07af6a32d873741ae7b3f9755657d9b5cde2c3b145c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8224189
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 12:53:16 GMT
server: cloudflare
etag: W/"9fc9-65439bbc-f06cfe58bb07e66;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRvpFn7bAP4TxrV%2FpUQbOXSDQAhv8WnBUd%2FvM%2BgSPzdR4IRZeOQPGxCnADyK%2BsG%2B1zorFbI%2BPH%2BFOPmuV%2BtvmTyvtPG5WxcZA8jMtbYVIhe%2FnO%2FbGGSes6TCY5E80RNX"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bf193700-YYZ
expires: Fri, 01 Nov 2024 18:54:35 GMT

GET
H3 200 424c40e3a95ada4a10614e2f5bae8fbd.css
gbhackers.com/wp-content/litespeed/css/ 98 KB
19 KB 69ms
67ms Stylesheet
text/css 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/css/424c40e3a95ada4a10614e2f5bae8fbd.css?ver=ba3a6

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebeb638f6380a3fa66e608729ebc1c3465ca44015908222c0722e81502261cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5978293
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:46:11 GMT
server: cloudflare
etag: W/"188fd-6565e113-c78f25a94aea4d0f;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QX5kD2xXT%2BNhheF3RZfrpTnUVTdrgwmtrRVyiruDHvwMh2jZqte2JQIls6QYRQOZAgIh%2B4ystPojNRcn%2Bto6ppItwqw1Nbtgl7HK2bVhVs1Sg6rujlq3Kv%2BnHBGyuhnW"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c6bf1b3700-YYZ
expires: Wed, 27 Nov 2024 18:46:11 GMT

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 233f2b2d1dc2196f93c236a30a61cbea0a794a1241fc50a85baac3720a95d65d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98a9871b1d3a0a44ad7e7de96d6af7a365c9c86f7524358189169ba2724ed6a4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d49a8f03d0407fedabe49d6db487ad62e4d387c595bcf2a88b623de11fa0e1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adb65669c9ada12a5c7a102979d8bf26cb39baeb296e836bc06ea6f0c8ed4f4f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
517 B 44ms
44ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 16:04:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 17:24:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
744 B 46ms
45ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

32ae247e879a3b1b2405758e18afb6c4d3b4ff120090ade83f320df4681c1ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:24:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 17:24:24 GMT

GET
H3 200 rocket-loader.min.js Show response
gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 36ms
36ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 18:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b94449-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5pGUZ9H1o4zj3a5vYjghVElefnH7tHirKTf9XXZh9JSacBdqnMxrS082vqQpnDq7o2g9uCy4Cvti16fw5ovCKBk1FpFtf8Rv9H%2FQIaSFTwXjn3ydly8RM8lVvTH8kv4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 850cd8c70f9e3700-YYZ
expires: Wed, 07 Feb 2024 17:24:24 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5542c4510ca401b310518148c408ba1c52a97e35ac3a0dde456230b6894a6ed

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 email-decode.min.js Show response
gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 28ms
27ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 18:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b94449-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZR7I9IzzwgsMTSAfZz1oBqjKX2DSC6MnLCtza7D7ELkIDF1e4f2ovSD%2FxNd1mp7r41F%2FiyCn2zI3Z2b94WMlU34wgaGeKeyzRd7aKAPWcRnAVdidL5vv1ALbi0eEBUh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 850cd8c72fbc3700-YYZ
expires: Wed, 07 Feb 2024 17:24:24 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cd1aa3320ac7c4b14118aa9ea4d422041f089d53cb3ddbc61dbad69eb1fd12e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc915c1f3bb527c0ad9c102c5f6004c9e5a84a5ba637a76b13611e66eb6487f2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b1748d8cea8b7f3eeace07cef59dfb618e116d46b2a1bd8cdab1bdbcf716590

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37552f69514fecd835ff9c729be34b76f064fd722ce5bdeea316015fde5ac027

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET 2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg
staging.gbhackers.com/wp-content/uploads/2023/08/ 0
0

GET
H3 200 newspaper.woff
gbhackers.com/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 35ms
34ms Font
font/woff 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?221

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=c045b

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gbhackers.com/wp-content/litespeed/css/3634cf0217589f9ac478a28ad0aa8ec4.css?ver=c045b
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8224189
alt-svc: h3=":443"; ma=86400
content-length: 33488
last-modified: Fri, 11 Aug 2023 11:01:29 GMT
server: cloudflare
etag: "82d0-64d61509-93ce23cc59205ee5;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrZakw6wrtLlWxhlt89OQplzhCYb3gFxYO4%2FK1Y7lYFQbRAzCz%2F5VIdoOAnUn4xtNT%2Fv41Criga7xsjtdXzQRiunK%2BgBEiqPJOp9J%2Fralv84sh4lUfM9DC%2B7sNLIFUwx"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 850cd8c7987a3700-YYZ
expires: Fri, 01 Nov 2024 18:54:34 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 34ms
33ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPoppins%3A500%2C600%2C700%2C400%7CNiramit%3A500%2C400%7CRubik%3A500%2C400%7CRed+Hat+Display%3A400%7CSpace+Grotesk%3A700%2C400%7CMontserrat%3A700%2C400&display=swap&ver=12.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:10:42 GMT
x-content-type-options: nosniff
age: 375222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:10:42 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 36ms
35ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:13:22 GMT
x-content-type-options: nosniff
age: 375062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:13:22 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 38ms
37ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 20:26:45 GMT
x-content-type-options: nosniff
age: 75459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Feb 2025 20:26:45 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 58ms
57ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 05:39:31 GMT
x-content-type-options: nosniff
age: 387893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 05:39:31 GMT

GET
H3 200 fontawesome-webfont.woff2
gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 75 KB
76 KB 40ms
40ms Font
font/woff2 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/wp-content/litespeed/css/c6a1c558f9599505e674dc121522b8d2.css?ver=a567c

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gbhackers.com/wp-content/litespeed/css/c6a1c558f9599505e674dc121522b8d2.css?ver=a567c
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5804612
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Fri, 11 Aug 2023 11:01:47 GMT
server: cloudflare
etag: "12d68-64d6151b-8994aa5bb479bd34;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKHYugMCsld9fYTXRQjib1jvzAS0YayKKhDNQmHoqcNPCc8B9e5jzHd8Hti6IifhuJh1alMnlPPNSZCdz48f6q0rG2NUYLxTeoNnKG1ZKLYFBvHshVoQK0tcCpWGOKl0"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 850cd8c798813700-YYZ
expires: Fri, 29 Nov 2024 19:00:52 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 67ms
66ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 05:39:12 GMT
x-content-type-options: nosniff
age: 387912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 05:39:12 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 64ms
63ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:10:42 GMT
x-content-type-options: nosniff
age: 375222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:10:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 68ms
67ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:18:35 GMT
x-content-type-options: nosniff
age: 374749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:18:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 69ms
68ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:31:21 GMT
x-content-type-options: nosniff
age: 373983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:31:21 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 73ms
73ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:18:48 GMT
x-content-type-options: nosniff
age: 374736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:18:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 71ms
70ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:21:05 GMT
x-content-type-options: nosniff
age: 374599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:21:05 GMT

GET
H2 200 8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbmyWQk8z-A.woff2
fonts.gstatic.com/s/redhatdisplay/v19/ 13 KB
13 KB 80ms
79ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhatdisplay/v19/8vIf7wUr0m80wwYf0QCXZzYzUoTK8RZQvRd-D1NYbmyWQk8z-A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

d32442891dcae36d8ca84ef307be3534ec1bb25f0b72a290446e50560a877692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 05:39:46 GMT
x-content-type-options: nosniff
age: 387878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12908
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:53:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 05:39:46 GMT

GET
H2 200 V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
fonts.gstatic.com/s/spacegrotesk/v16/ 22 KB
22 KB 76ms
76ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spacegrotesk/v16/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 02:56:26 GMT
x-content-type-options: nosniff
age: 138478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22284
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:44:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Feb 2025 02:56:26 GMT

GET
H3 200 948ee26f370f8f0ca7d5290060ea7d42.js Show response
gbhackers.com/wp-content/litespeed/js/ 201 KB
48 KB 45ms
44ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/948ee26f370f8f0ca7d5290060ea7d42.js?ver=09a31

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ea33bb1565c64b033be9f6e65ebeff13d03459f6d8d3fe0568cf14913b74bcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5978293
cf-polished: origSize=206104
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:46:11 GMT
server: cloudflare
etag: W/"32518-6565e113-627ad9ec0dca6e5e;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gncjMZDZ9ylRMpxJ%2FK5hA0HrrRoGwfMAMUOn6kY0zf4XslJYz6m2pqdGdjv44%2FC%2BPYtBmz%2FBVprv75HzHzLoioCP82tgFRKgbSaMs8Q3wXfM1m6VFUu%2FCfpBlQGKD2gd"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c7c8d33700-YYZ
expires: Wed, 27 Nov 2024 18:46:11 GMT

GET
H2 200 e-202406.js Show response
stats.wp.com/ 7 KB
3 KB 30ms
24ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202406.js
Requested by: Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT yyz
date: Mon, 05 Feb 2024 17:24:24 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356930.8542
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 16:05:18 GMT

GET
H3 200 instant_click.min.js Show response
gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
2 KB 48ms
46ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=5.7.0.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 5903997
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 10:27:30 GMT
server: cloudflare
etag: W/"e63-65437992-99415a2fab1e9c2e;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuES%2BxU5%2FbczEdsq86Ntmt1DcVPT7hNjjem3%2BWdt5fxj01XFvH%2Bfr4qQoVawgE6%2BWVqviLqaYFZSsvdOS2ousCIW0ja3MeH%2F1DRv0K4g2JVkmVXZ1bz8GW1GK%2B5DoJ%2Bh"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c7c8da3700-YYZ
expires: Thu, 28 Nov 2024 15:24:27 GMT

GET
H3 200 20fe1466ec961d6814f53fba3f79a3e2.js Show response
gbhackers.com/wp-content/litespeed/js/ 3 KB
2 KB 39ms
37ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/20fe1466ec961d6814f53fba3f79a3e2.js?ver=4cd81

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84c0fa68ee2db40f022744b0df40c9642364978814babe80631ee14649c57a3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477341
cf-polished: origSize=2982
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 04:48:38 GMT
server: cloudflare
etag: W/"ba6-65b9d126-d69f4e490c7eed84;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OS0JqYmKDpVLpffyB3jbvVOl7mxKgHniiwFdMOT8wLKiwCi3Pn16veVa8af1MWI3cxSjTj95OPwed809rdFGmNHOjjJFHKx0lL%2Ft5UVeFhu%2F15vgpsGg4%2Fcnk1fV1d31"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c7c8dc3700-YYZ
expires: Thu, 30 Jan 2025 10:48:43 GMT

GET
H3 200 88abcef607d2b87dee895ff8396d0658.js Show response
gbhackers.com/wp-content/litespeed/js/ 304 KB
72 KB 52ms
50ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/88abcef607d2b87dee895ff8396d0658.js?ver=0cf60

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2defb9660abeee3ab31471e8ef505caeedae433761e78398015fff073073ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5978293
cf-polished: origSize=311606
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:46:11 GMT
server: cloudflare
etag: W/"4c136-6565e113-faf19de049633089;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v79PJJO6SwXYX7mhQHWVCdWi9FE3fcfaYQ9D3hiX5v8uO3QyzVtE7k455NUpY%2FKCQ0ImfoLwU7bOMSOe%2BgClWYW0cWhHYrxmbImuJyTEYFYiHaMivLYVJ7AtEwaAP2FC"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c7c8e13700-YYZ
expires: Wed, 27 Nov 2024 18:46:11 GMT

GET
H3 200 c69540ea4875bada46c79fef485c0d63.js Show response
gbhackers.com/wp-content/litespeed/js/ 5 KB
3 KB 42ms
40ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/c69540ea4875bada46c79fef485c0d63.js?ver=53ab5

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fa7ec483adc206a0b0ec5e6aa360d6889efffaa0655729b36513ca6aa28dec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5809285
cf-polished: origSize=5433
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 11:42:58 GMT
server: cloudflare
etag: W/"1539-65687542-4b88fc9a16cfcac7;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSv1Kg8X54x7eBS7sADexRgb2r6YfuqfXyJPFvplAqSxwjbkfblSnTjytbf5h82NEjze1wxU99jNFrvDnrF0F1J3QUKIbAGWRfCwNalBDEAA8cjbqgc9bbA6zYWdOQI1"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c7c8e43700-YYZ
expires: Fri, 29 Nov 2024 17:42:59 GMT

GET
H3 200 686ee657c2c36e1c7c77a1805f3b498d.js Show response
gbhackers.com/wp-content/litespeed/js/ 18 KB
8 KB 46ms
44ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/686ee657c2c36e1c7c77a1805f3b498d.js?ver=b57fe

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22c46011b6b9a23b7219e2ed6a78aa06e0d6fb0c274166ecc7ba412f020b12c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5978293
cf-polished: origSize=18834
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:46:11 GMT
server: cloudflare
etag: W/"4992-6565e113-45d18116543acaa0;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KBJvPEM39kM3mRNgxDRukG96cunC8kwC1s4ysk4zdSMreGYJ185WJLhq9h0oV4Ir7JUp5L6gSW4Dkt4PnB4W6qqG6E9cWRxfJmh0c6uHs1bR7cFxKAZIMOj%2FuDpF64l"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c7c8e63700-YYZ
expires: Wed, 27 Nov 2024 18:46:11 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 165ms
42ms Script
text/javascript 152.199.5.152
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.5.152 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/8117) /

Resource Hash

e8bb46d80302efabc7c4e63a92161bf286d14ff7ae3931127fd6cd6cb4428b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV4
x-cdn: ECST
age: 574
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163638
x-li-uuid: AAYQpZmAx9oJpIThbCJWIA==
last-modified: Mon, 05 Feb 2024 17:14:51 GMT
server: ECAcc (cha/8117)
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Mon, 5 Feb 2024 18:14:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
52 KB 136ms
68ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5372786174760228&host=ca-host-pub-2644536267352236

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

0a04a6b477324ec10bc1322c568e6fe5d061ae803e1db827e38d05ca2e604f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Origin: https://gbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52493
x-xss-protection: 0
server: cafe
etag: 16092199916160271947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 05 Feb 2024 17:24:25 GMT

GET
H3 200 44a8438280a25fc2bef30c67fe80af6b.js Show response
gbhackers.com/wp-content/litespeed/js/ 13 KB
6 KB 42ms
39ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-content/litespeed/js/44a8438280a25fc2bef30c67fe80af6b.js?ver=2e1f4

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a31a33fc31ae7a9514ac25ccd3288f9ee2fbfbbd33b07f58f694e207876bdf1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5978293
cf-polished: origSize=13577
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 12:46:11 GMT
server: cloudflare
etag: W/"3509-6565e113-3a62af7c2954106f;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hm5mrGPMGymzHCdbAdXM9q5Ap%2FTsUblHPU7ozuue81W2O0FQJEEVBA4OD9yhUqoG95v%2BpJiKLXBZ5ylmm0KPXEbAkXpH1%2FxpGCcr4dZyc0olzYKMFF3HkSEQaC39E5%2F5"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c7c8e83700-YYZ
expires: Wed, 27 Nov 2024 18:46:11 GMT

GET
H3 200 jquery.min.js Show response
gbhackers.com/wp-includes/js/jquery/ 86 KB
31 KB 47ms
44ms Script
application/javascript 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbhackers.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:24 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 3556427
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 03:59:08 GMT
server: cloudflare
etag: W/"15601-654b078c-f2627e7a294a91aa;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCCET3tQRPvjX2hSZ9C6ujrhqJp%2BygMythVOZdRhG2MDylFxV9Au37%2Fpty9rELaeJ0WxUvyaKihQr28xPfXi1Z1KfaAYeW4D9kx7sxIf4wDR81PvCdIgRCfoa4C%2BhEWC"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 850cd8c7c8e93700-YYZ
expires: Wed, 25 Dec 2024 19:30:37 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 406 KB
138 KB 145ms
81ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5372786174760228&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

e308c1328ae3042d14022fdea1e3d37d7ec24a019b4612ff6eec495f8ce55749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140884
x-xss-protection: 0
server: cafe
etag: 1726191228802624425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 17:24:25 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/ Frame E3F4 9 KB
5 KB 97ms
31ms Document
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5372786174760228&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 29086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 09:19:39 GMT
etag: 9539045072340585784
expires: Mon, 19 Feb 2024 09:19:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 26ms
24ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=116523949&post=77674&tz=0&srv=gbhackers.com&j=1%3A12.7&host=gbhackers.com&ref=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&fcp=318&rand=0.25047934747509704
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Feb 2024 17:24:25 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 Hackers%20Abusing%20LSASS%20Memory-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3MdCsztTN8T75P4vfEOTYb6C3b05vMkILaDpkyo9XkABIrvqVI0ptUpJxPn3wenJNKkXGgfgLa-0FYj8UPZ7ShYyujg83JV39mpGxJ-9aOUwJgiRWU3iBO6k5CXkGbNuoL6i69wYu4PRfD9mj... 176 KB
176 KB 163ms
156ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3MdCsztTN8T75P4vfEOTYb6C3b05vMkILaDpkyo9XkABIrvqVI0ptUpJxPn3wenJNKkXGgfgLa-0FYj8UPZ7ShYyujg83JV39mpGxJ-9aOUwJgiRWU3iBO6k5CXkGbNuoL6i69wYu4PRfD9mjVTaPX11hrtCBowYh8Rs_8OkqJm-_I8eFTG_NL6PrPFLO/s1600/Hackers%20Abusing%20LSASS%20Memory-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

e25e62add9112517afe60b0717ae615a60807a3da37223234084b694e42e723c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "vb64"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Abusing LSASS Memory-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180308
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Sidewinder%20Hacker%20Group%20Using%20Weaponized%20Documents%20to%20Deliver%20Backdoor.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMbLxXoTYzbRwMo8Hr0QCK8yBfoh_VRuk5Q3ma1zYGFFValoUZnZWgOIBCBoC_lHI4elJbWmAiaHbNljbnpc2s5Gj26WmxGuzqphnKjYyniJnEiQHXgN2wyJVNnmsLN8YEGV8I79wCseNMYCxG... 272 KB
272 KB 240ms
233ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMbLxXoTYzbRwMo8Hr0QCK8yBfoh_VRuk5Q3ma1zYGFFValoUZnZWgOIBCBoC_lHI4elJbWmAiaHbNljbnpc2s5Gj26WmxGuzqphnKjYyniJnEiQHXgN2wyJVNnmsLN8YEGV8I79wCseNMYCxGUN72Lo6VAKJ23WNpEpvOzfwfOQjWRRm0LFR8UlkAvTtH/s1600/Sidewinder%20Hacker%20Group%20Using%20Weaponized%20Documents%20to%20Deliver%20Backdoor.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

4609c06d6b3f68810684ff17043090a96ca190ae3188afe1206ed2f5f62f4a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "va17"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Sidewinder Hacker Group Using Weaponized Documents to Deliver Backdoor.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278226
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Remove%20Default%20Passwords%20CISA%20Warns-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5yW38D9CQrq0PI2q4C0D2Uf6IS9m_77rwHyv4DyU_MG7Q7I88kzENoookqRl2_c7eQGyUPnm820FkSs_zzgkaZKT2qCxa812Zu1he9dSryw-egr4Z_wacpVpYzxpHKskgMX6FzVYPkBldEYx-... 138 KB
138 KB 161ms
155ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5yW38D9CQrq0PI2q4C0D2Uf6IS9m_77rwHyv4DyU_MG7Q7I88kzENoookqRl2_c7eQGyUPnm820FkSs_zzgkaZKT2qCxa812Zu1he9dSryw-egr4Z_wacpVpYzxpHKskgMX6FzVYPkBldEYx-NU550nNfi-No2PPZpti0v9hHLsuKPYsWHlCaSJz4WLR8/s1600/Remove%20Default%20Passwords%20CISA%20Warns-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

e4eb1181801bbf483c630b0b4ea7e478584de25bb5ebc68343f370b420f36fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "va15"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Remove Default Passwords CISA Warns-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140983
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 50%20Insider%20Attacks%20Via%20Privilege%20Escalation%20Flaw-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhN9Y7NX4ZCoqtC9fuC63v5Nsp9zcJspRc9JO42fcFL9D3aDArasvTJ-Ww4vS_3m87KU-a_LHkmBrbRb9P3XPvXN3GIhbiHHmt0BhKLFC-37xQwVuqijnayMG-kTAxQL-buHcRRNvvw8dTQa9dT... 132 KB
132 KB 218ms
212ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhN9Y7NX4ZCoqtC9fuC63v5Nsp9zcJspRc9JO42fcFL9D3aDArasvTJ-Ww4vS_3m87KU-a_LHkmBrbRb9P3XPvXN3GIhbiHHmt0BhKLFC-37xQwVuqijnayMG-kTAxQL-buHcRRNvvw8dTQa9dTNtZOwEZSlH4xtDLvuNJX4P6Mbj169JUN3_sz2tNT6DnP/s1600/50%20Insider%20Attacks%20Via%20Privilege%20Escalation%20Flaw-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

83f7bfce8835fecb5302bfc1fe5ecca789506beaaceff69aa097629f9739221f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v992"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="50 Insider Attacks Via Privilege Escalation Flaw-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134796
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 North%20Korean%20Hackers%20As%20Both%20Job%20Recruiters%20&%20Seekers(1)-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhtJTsFSkCpcwJ0mSd1q9NfJyEgYLQLPOKbZxf9Da11TUBkkF2oFfkL0PFWTisY8bWwdK554PDyvgJ3L-8YzALrjgmesh05UuCeN9E1Crbsu94uxRHiyK1IhiMiSqsLDRuFy6u_rFaXiZSEIIeu... 159 KB
159 KB 228ms
222ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhtJTsFSkCpcwJ0mSd1q9NfJyEgYLQLPOKbZxf9Da11TUBkkF2oFfkL0PFWTisY8bWwdK554PDyvgJ3L-8YzALrjgmesh05UuCeN9E1Crbsu94uxRHiyK1IhiMiSqsLDRuFy6u_rFaXiZSEIIeusi87PYAWkKBXXm_m3HNcQ7HLFwkHSFPjjwOlAxTnRAUK/s1600/North%20Korean%20Hackers%20As%20Both%20Job%20Recruiters%20&%20Seekers(1)-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

8aa739bb859941d2f12e90c188858b7cf127d3c7dda07f70b171e981076b8660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v8df"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="North Korean Hackers As Both Job Recruiters & Seekers(1)-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163023
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Ivanti%20Zero-day%20Under%20Attack-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihv7ue2wNAoeNH707gwk4FmS2rmIOTD-3voVB9BEGN00U458gdoMWkYOlEeuNHEP9QfETA1e45_fyFJ0mQ6aV3c7-kpW4bzciVJ2bW0lTFwUCNqxkLYDvAorx9s_4u6umsuK-ZK9ee28t9ZvQE... 72 KB
72 KB 166ms
160ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihv7ue2wNAoeNH707gwk4FmS2rmIOTD-3voVB9BEGN00U458gdoMWkYOlEeuNHEP9QfETA1e45_fyFJ0mQ6aV3c7-kpW4bzciVJ2bW0lTFwUCNqxkLYDvAorx9s_4u6umsuK-ZK9ee28t9ZvQEFxZPbY2yIGoblYzb0s1y0YGtWRYHqRisrx3SBSTbCNjP/s1600/Ivanti%20Zero-day%20Under%20Attack-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

2d4d1908b557d4c21b1023a4a43ed10373f89bd070d3029005572b7f41809764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "vbd6"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ivanti Zero-day Under Attack-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73710
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 RCE%20Attacks-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgljclWQECI6qJDnVc83P3bVIyltTNP14UYNmIrP_4YNCjC_NP9gZ0o0TpCa5xHTS6SU1AOIa6IXuOF3UR1_P-dpgk8LUOVIxqaLs-GytuhtbrV462Sm_PDsNe-frCXXPx-zwGsFyPs7cr7vAxJ... 359 KB
360 KB 170ms
164ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgljclWQECI6qJDnVc83P3bVIyltTNP14UYNmIrP_4YNCjC_NP9gZ0o0TpCa5xHTS6SU1AOIa6IXuOF3UR1_P-dpgk8LUOVIxqaLs-GytuhtbrV462Sm_PDsNe-frCXXPx-zwGsFyPs7cr7vAxJyorztVESW46_DlOV1_zQRinVzkm-FO3yCf1Ko3soLJ3B/s1600/RCE%20Attacks-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

9681064cc0d41b9f603de6b0b6ce684bf6c448387bfd377441faf3286aead8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "vbbc"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="RCE Attacks-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368038
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 git-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGTsojU1K0Ed8p_7rQDlBYk4Wd-E5-O_3p03AGnyL0AkCKVJNb5GrQPDy7UuIP2KMLC4Pf9aQexFRlmawg25J0CTKX9GUsc8LrzuT8BxLIO8xHqWneJ-pj3PLb2R0dn0brK6gFsW7exDn3Acj3... 59 KB
60 KB 229ms
224ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGTsojU1K0Ed8p_7rQDlBYk4Wd-E5-O_3p03AGnyL0AkCKVJNb5GrQPDy7UuIP2KMLC4Pf9aQexFRlmawg25J0CTKX9GUsc8LrzuT8BxLIO8xHqWneJ-pj3PLb2R0dn0brK6gFsW7exDn3Acj3ZbxJZPtiLqXxUBlQnIorAZuZq11xjhroee_oQTx3vIz-/s1600/git-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

126491ca5eb371eda925bbc0bfc5880354f4f0ef46fc05a53cb08e611526dde1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "vbaf"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="git-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60916
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Jenkins.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEIAfUvlhfkVUXpvrZ02udJyHqHtATCq1OW6E1Jv8WGqfIY_eFz9kVzpqgY9jRY4TFmleecFmGtjh258DFzbEtmGsj9gSgjcf4E8h31Yam3Q7HmeQIOEqrkHHYVVmA7JEp2X85HOZUZkg8HWwl... 122 KB
122 KB 237ms
231ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEIAfUvlhfkVUXpvrZ02udJyHqHtATCq1OW6E1Jv8WGqfIY_eFz9kVzpqgY9jRY4TFmleecFmGtjh258DFzbEtmGsj9gSgjcf4E8h31Yam3Q7HmeQIOEqrkHHYVVmA7JEp2X85HOZUZkg8HWwlni7IcfMFjjMu5QUxZc6QLsiZXbe1vr_ZK9NxcyejHJya/s16000/Jenkins.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

5101fa4f35f9e33fae7d6df0ecba0dbf0e8805fe9d234bbf005a4fe3a9991865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5e3a"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Jenkins.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125154
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Outlook%20Flaw%20Let%20Attackers%20Access%20Passwords.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8Bp7YUe-ngLuHvjOgzixvPeb1vStBTSwmCOhiQih_pQK2KHcL5g4TLzTYl-FmEkOu3V72oGYIqZY0Zr5N1LiamODitpwiFcnt_8g0D9SEiIQrw4AXL1VC3mt5ymXI4_X_tSB19awMSxVYs5ov... 63 KB
64 KB 198ms
193ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8Bp7YUe-ngLuHvjOgzixvPeb1vStBTSwmCOhiQih_pQK2KHcL5g4TLzTYl-FmEkOu3V72oGYIqZY0Zr5N1LiamODitpwiFcnt_8g0D9SEiIQrw4AXL1VC3mt5ymXI4_X_tSB19awMSxVYs5ovPUh2V11CRVLscfdURfeDQe5_A1dMrhlX3SbGq95x6oy1/s16000/Outlook%20Flaw%20Let%20Attackers%20Access%20Passwords.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

d1fed9652886febb863676496730bcd839a9c435fa6f72c015c0ee171a9430d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5e05"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Outlook Flaw Let Attackers Access Passwords.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64913
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 cyber%20security%20plan%202024.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipkK3moJRiE7kUdIvg4ujOIIvvsLUY_3O8MFZaD9xWBU2jH8d43ivTQYYwYzGepFIvKcv9ICLOL3rjCtm3UEN7C3ZzY3bqa_he8BeVa7IANTei5rvCvoe2e7RnGgd462rV4cZ3T1RbkUK7jhGt... 396 KB
397 KB 290ms
285ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipkK3moJRiE7kUdIvg4ujOIIvvsLUY_3O8MFZaD9xWBU2jH8d43ivTQYYwYzGepFIvKcv9ICLOL3rjCtm3UEN7C3ZzY3bqa_he8BeVa7IANTei5rvCvoe2e7RnGgd462rV4cZ3T1RbkUK7jhGtYMR0EK9zNtAg9VdCTo3zfDUNaffjoBy9Mr4BYEznhUqB/s16000/cyber%20security%20plan%202024.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

fdc6769a72ebf95f9891d967d25c16b60389dd84518e63a634cf1229f99012cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5d4f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cyber security plan 2024.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 405989
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Unpatched%20Critical%20Vulnerabilities%20on%20AI%20Tools.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaWqBung4Y7EhwCULj372w6pnVGDj7qX3G8KtYoccwmOCfU_KRpCe3fOWk0QjONil4FpiSu5kABH3BAXpqq3xbVx27n5U6GW-W9mZYatM0PTXTtjYZqOC95bdJf74sV3Sfdg6e63T9ebCZvt74... 234 KB
235 KB 184ms
179ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaWqBung4Y7EhwCULj372w6pnVGDj7qX3G8KtYoccwmOCfU_KRpCe3fOWk0QjONil4FpiSu5kABH3BAXpqq3xbVx27n5U6GW-W9mZYatM0PTXTtjYZqOC95bdJf74sV3Sfdg6e63T9ebCZvt74XDW1esYGS67yzbwSWn6B4tE8BFgWXo2JckBC_BMkg8EV/s16000/Unpatched%20Critical%20Vulnerabilities%20on%20AI%20Tools.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

53661e1472a669c228222922fbf39f8c593c539e488241b50966070b51ed9f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v6f31"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Unpatched Critical Vulnerabilities on AI Tools.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240082
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Promptmap%20-%20Tool%20to%20Test%20Prompt%20Injection%20Attacks%20on%20ChatGPT%20Instances.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjreedTQE0_OpTK8YjIc75jn0JFHzOPlA6eEHpjpf18L2fOlBz8D36HG8jAawQB2m6d6wsYv9XJLowSIkxixoNmZwbcm_SEPocy6vsK7kqSYZWU2R2fbkHtW6gsyrUVpa53379tL0M8T38epGWu... 113 KB
113 KB 232ms
227ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjreedTQE0_OpTK8YjIc75jn0JFHzOPlA6eEHpjpf18L2fOlBz8D36HG8jAawQB2m6d6wsYv9XJLowSIkxixoNmZwbcm_SEPocy6vsK7kqSYZWU2R2fbkHtW6gsyrUVpa53379tL0M8T38epGWuKxIauv3hlVEsacrbLf3-6-h5CG-5jka8IHtO2qJ6R0C9/s16000/Promptmap%20-%20Tool%20to%20Test%20Prompt%20Injection%20Attacks%20on%20ChatGPT%20Instances.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

12caed2c3b74424afad5b326b244f89bb46e00ecda6eed633e08a2654afbbe18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v59d9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Promptmap - Tool to Test Prompt Injection Attacks on ChatGPT Instances.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115681
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Researchers%20Uncovered%20a%20New%20Flaw%20in%20AI%20Chatbots%20to%20Turn%20Them%20Evil.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQCBulvpZA1KCUz76PJeM-To76WWpXE9q8474j3e3bGGqwfTcEmP3nWe9iUC6aM7VJ4ETRhXVKFDd8Fz6_B7_qT7V5NjODN3uVkMV4Ra7jx5QezTrN2G9uMcoT9fkTQqj8oE4Z77mhzX16sAp1... 110 KB
110 KB 243ms
238ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQCBulvpZA1KCUz76PJeM-To76WWpXE9q8474j3e3bGGqwfTcEmP3nWe9iUC6aM7VJ4ETRhXVKFDd8Fz6_B7_qT7V5NjODN3uVkMV4Ra7jx5QezTrN2G9uMcoT9fkTQqj8oE4Z77mhzX16sAp1ATYC0BUpf6NGbN0CiR1PXoz-UfNznAC5A1CVb1Bg_BnS/s1600/Researchers%20Uncovered%20a%20New%20Flaw%20in%20AI%20Chatbots%20to%20Turn%20Them%20Evil.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

4ec2e0a9621a04369a540c5621200689817f754b76c2a86489afe64c00811b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v300"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Researchers Uncovered a New Flaw in AI Chatbots to Turn Them Evil.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112380
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 FraudGPT%20Dark%20Side%20AI%20Tool.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg178YD3c1AeYosKbPBkR-iQSct_fS_ylC9XycoxSZO8X4SVOIFUcfJBMpc2rNAosRHRagjIMghPpvZCcCBWZWFW-swCbXyJiKTC6BuRiEyu4ccLA2z7LUHngt4N1hIy9YITrqkSI8f_5U-9zyd... 130 KB
130 KB 202ms
198ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg178YD3c1AeYosKbPBkR-iQSct_fS_ylC9XycoxSZO8X4SVOIFUcfJBMpc2rNAosRHRagjIMghPpvZCcCBWZWFW-swCbXyJiKTC6BuRiEyu4ccLA2z7LUHngt4N1hIy9YITrqkSI8f_5U-9zyd0k5sz-SeMXoLIwwhvZ46uq5WrbZ8rrwVL7QIcl7Vws6x/s16000/FraudGPT%20Dark%20Side%20AI%20Tool.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

d7e1116c00141cde70eb79551330c376c31db0cd5df2d1cc9dd64c68ef727c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5840"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FraudGPT Dark Side AI Tool.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132951
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Toyota%20Ransomware%20Attack-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvd126pPteDYkIe8KSUKdY_LcP0MhkLd6XuqGCVowxpA00CJ6agpK9l9m7W3Nb5dSLksH5gVVhimIaXb3T0a3YoIzHzdemBSBO7HVf563UL8GUPY6uJtcqP5m_61ZtTtuM-4eua1OAuhig0DYU... 154 KB
154 KB 234ms
229ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvd126pPteDYkIe8KSUKdY_LcP0MhkLd6XuqGCVowxpA00CJ6agpK9l9m7W3Nb5dSLksH5gVVhimIaXb3T0a3YoIzHzdemBSBO7HVf563UL8GUPY6uJtcqP5m_61ZtTtuM-4eua1OAuhig0DYUVtYAZj_9kFU8z_6paKtWco-jsixKGUNHfBXnfYsJFYov/s1600/Toyota%20Ransomware%20Attack-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

15c1fa3b178d31c3daed27a4cff7b61ea8073060df1c5b3c5aed99ede66bda74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v9ac"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Toyota Ransomware Attack-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157488
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Hackers%20trick%20Users%20With%20Data%20Leak%20messages(1)-1-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivan29UO4I2CONplE_7gOQxHPHQ0eKrIJJRDpFNhTmpWaOdPht7fVbPWyI0RM_oW8xKCSIsrKBClR9_9iYYfvfdIl9oPPGbg6yBh1oZj3pQkbbqU303_moVLGZFr_78wKq9S6mtx6nWYIUw-Uo... 184 KB
184 KB 219ms
215ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivan29UO4I2CONplE_7gOQxHPHQ0eKrIJJRDpFNhTmpWaOdPht7fVbPWyI0RM_oW8xKCSIsrKBClR9_9iYYfvfdIl9oPPGbg6yBh1oZj3pQkbbqU303_moVLGZFr_78wKq9S6mtx6nWYIUw-Uon9I7EKw1-xRGVW1dxQyhNLL97kCPEubsUhyYhyGN0Dwu/s1600/Hackers%20trick%20Users%20With%20Data%20Leak%20messages(1)-1-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

36973c14c4ec99c8a2628f8e69399425dd0a55518755792533569d763b1a654e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v9a0"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers trick Users With Data Leak messages(1)-1-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188325
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Chinese%20Hackers%20Stolen%20Chip%20Designs%20from%20Major%20Dutch%20Semiconductor%20Company.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWCQ3N9U2sxe4JvFko3Tb4MLpeoU8NBDx2sBcneaXH-bN1t6V63s0BoOb-U7Seid0SYcX_AtAdBaGQ_MjFJeEHYmAick33inpx-ObfMeD2X-cGg4j-QUk1tMNAUDWZhePNyIG-9Q3ZyYQbJuxt... 262 KB
263 KB 205ms
200ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWCQ3N9U2sxe4JvFko3Tb4MLpeoU8NBDx2sBcneaXH-bN1t6V63s0BoOb-U7Seid0SYcX_AtAdBaGQ_MjFJeEHYmAick33inpx-ObfMeD2X-cGg4j-QUk1tMNAUDWZhePNyIG-9Q3ZyYQbJuxt8xXu04uLCgtpfnua2KaOOFiTmLKVsMmhyCyXEUBeEqiK/s1600/Chinese%20Hackers%20Stolen%20Chip%20Designs%20from%20Major%20Dutch%20Semiconductor%20Company.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

86bf766865ae129b5f6eb788f265a19bc6a1d21fb88e3289e3955e2f4f89d5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v923"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Chinese Hackers Stolen Chip Designs from Major Dutch Semiconductor Company.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 268518
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Ransomware%20Gang%20Files%20an%20SEC%20Complaint-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvS7DIecejLM9kuz3URlx-LRcsHGiUE81Vz5g8lOouD2fH-CNefqbnxOevukb6qJ8tPWWhTAOjgoKpKarGyqLzPvbjh2s9v4AvZwzotbwJ9ycGIZJonhSzjC-PHPufuyRuDKMjrgk5MFZN1buZ... 175 KB
175 KB 246ms
242ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvS7DIecejLM9kuz3URlx-LRcsHGiUE81Vz5g8lOouD2fH-CNefqbnxOevukb6qJ8tPWWhTAOjgoKpKarGyqLzPvbjh2s9v4AvZwzotbwJ9ycGIZJonhSzjC-PHPufuyRuDKMjrgk5MFZN1buZwl_otEr4SejOGf5k1FnxlWCdoJVcbSwURt-WgKdBefd9/s1600/Ransomware%20Gang%20Files%20an%20SEC%20Complaint-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

3fe1e827ec6e0faf05d0559b2bc49a2d2f07edb09b82e09c7adb6bff173f69d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v89b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ransomware Gang Files an SEC Complaint-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178960
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Police%20Imprisoned%20for%20Selling%20Secrets-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEht7E9P4n3n4efmsQPoHD36QMZT4vLh8Nvglpw-9O6Df4iduS5xPFAlUWD5gxLdkGzTZ3i803jJl8lsu1fvbBAUzbYcvErRXUhil38IJkklU9OPpYamaPcmiaMxygpgEz-_48tqXAHhtchrqjkI... 126 KB
127 KB 200ms
196ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEht7E9P4n3n4efmsQPoHD36QMZT4vLh8Nvglpw-9O6Df4iduS5xPFAlUWD5gxLdkGzTZ3i803jJl8lsu1fvbBAUzbYcvErRXUhil38IJkklU9OPpYamaPcmiaMxygpgEz-_48tqXAHhtchrqjkIFmdi3Iw1GSV20v54PGUjzCfmxH4DirDs7AbjRZjLzxo3/s1600/Police%20Imprisoned%20for%20Selling%20Secrets-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

2d0c65d57cea07c651bd80f7165d8ec50a1c09884db8c911cc5a3a45cd46390b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v82e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Police Imprisoned for Selling Secrets-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129442
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Web%20Server%20Penetration%20Testing%20Checklist-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKJVqO9XiKvAuSWuAYv1piF5WPlqeUKjJlT90vnDx951xYsiPotC8-YSqqR2CzgcarD8juQY63WnoWBcnXGqYGewCUQLneEmlFPZyLrkUpm2Jg3j5IMUuRBqbRJ1s60SM2VcnhTHVJ_D2xVcKO... 154 KB
155 KB 206ms
202ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKJVqO9XiKvAuSWuAYv1piF5WPlqeUKjJlT90vnDx951xYsiPotC8-YSqqR2CzgcarD8juQY63WnoWBcnXGqYGewCUQLneEmlFPZyLrkUpm2Jg3j5IMUuRBqbRJ1s60SM2VcnhTHVJ_D2xVcKOcfCi8lTjzJNP3-dB7UUV-f7Mbe4PYNgvgM9sfImQ-CIo/s1600/Web%20Server%20Penetration%20Testing%20Checklist-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

340924ac682298d8171157183f263c3d23c29b099cb7a6b30569dcd86e75bf6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v7bd"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Web Server Penetration Testing Checklist-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158178
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Network%20Penetration%20Testing%20Tools%20for%20Security%20Professionals-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz3VRAQkQalTlP8oaUmFbSRwpZbr4JCOY5UEf6rT99yR7fWN6gfeQvmym3y2xSdgGOWaApoYdvIW5pg2qj3_Nh2qTTArdqoAdS5lqTGt_oKRQK7rE8POv9stPEN6qkVmK6ZZ5rfA2gKA8EqlEr... 141 KB
141 KB 195ms
191ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz3VRAQkQalTlP8oaUmFbSRwpZbr4JCOY5UEf6rT99yR7fWN6gfeQvmym3y2xSdgGOWaApoYdvIW5pg2qj3_Nh2qTTArdqoAdS5lqTGt_oKRQK7rE8POv9stPEN6qkVmK6ZZ5rfA2gKA8EqlEr_WAxmZTvUuG8rsApvUlUHSIYTub-62TukyWsJxey95_Q/s1600/Network%20Penetration%20Testing%20Tools%20for%20Security%20Professionals-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

bbd85d9238e9e46bc45da79f2814000dd43b574f2cbcd4533bf005899b214bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v7e3"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Network Penetration Testing Tools for Security Professionals-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143896
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 10%20Prominent%20Cybersecurity%20Acquisitions%20of%202023.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmhq6YIBFu2Or9XoQo-FztnBTNXN2xOkgUmROCAdAhuizWDs7_W-lVXi160bGxzVP-d_aq890VDqbV08AGta2anIuqotXXMx6Dsmjh57N5dBcLRYBWzY2_N-42JCWR-fwt9v3Ik8iCRlebzs34... 122 KB
122 KB 265ms
262ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmhq6YIBFu2Or9XoQo-FztnBTNXN2xOkgUmROCAdAhuizWDs7_W-lVXi160bGxzVP-d_aq890VDqbV08AGta2anIuqotXXMx6Dsmjh57N5dBcLRYBWzY2_N-42JCWR-fwt9v3Ik8iCRlebzs342ayxPPvyZtJpg4lGpBhbgT6kuQB15ZDwHLDUuV7jW5GV/s1600/10%20Prominent%20Cybersecurity%20Acquisitions%20of%202023.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

029933e9acffa3d306253574c7f69ca044b74f625bac6392b06e2dc84a0358bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "va6d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10 Prominent Cybersecurity Acquisitions of 2023.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124641
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Top%2010%20Unified%20Endpoint%20Management%20Tools%20for%202024-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhI7OD-bBymYKPAUxUpOdedPFIVBecpqEhMpPdH3COHjlPQurCLwyW4MjQsdvcsFRktoN6MnHpN6ktScJH9crhoQZLASwihLElcQPHrxIjLo7HMvahsxudXIMj9KXD9A-pae62r6Znie9naXYM... 155 KB
155 KB 219ms
216ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhI7OD-bBymYKPAUxUpOdedPFIVBecpqEhMpPdH3COHjlPQurCLwyW4MjQsdvcsFRktoN6MnHpN6ktScJH9crhoQZLASwihLElcQPHrxIjLo7HMvahsxudXIMj9KXD9A-pae62r6Znie9naXYMsZ4U5tMERJ5uf5qNEpMj56sA2SqsssOpUExS0blHsq3i/s1600/Top%2010%20Unified%20Endpoint%20Management%20Tools%20for%202024-1.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

b9bec247813fe14c962c6478d9c1e4d521be73d4261aa6e63adca81f873a5564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v83e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Top 10 Unified Endpoint Management Tools for 2024-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158555
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Kubernetes%20Vulnerabilities.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj16B1FEzM1BQjMZGSOGuEsfc0XT5XXs4tLKxKHkcyjgKfvX6J4pP_2mwPWNQStCuz8-zDl3vCnzd57Wfr96xQKpWFFp4i9V1cJI1eAh-JYL-QeUZ3LJOwDo6OIAXgGC3B4aLYu6KBxxC7Ol18J... 107 KB
107 KB 191ms
189ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj16B1FEzM1BQjMZGSOGuEsfc0XT5XXs4tLKxKHkcyjgKfvX6J4pP_2mwPWNQStCuz8-zDl3vCnzd57Wfr96xQKpWFFp4i9V1cJI1eAh-JYL-QeUZ3LJOwDo6OIAXgGC3B4aLYu6KBxxC7Ol18J5Edb0eFVS1ydGftxgp9erQl5RGnNmkn5UyBhFZb_YXmb/s16000/Kubernetes%20Vulnerabilities.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

307e1a72eca0e7c2e8a53eccc42fc2d5e7216f4be4885be44f5e7be00e628d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5bdb"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Kubernetes Vulnerabilities.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109533
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Best%20Penetration%20Testing%20Companies.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhufq1QCtK7vFgRFHH4UiWGPKEffBfJgzbbEoXuUx3du_wujhjbOia2aheuNDIoSOd_0smkYRjUe9peh9zVqnxy-HA0CQUo_f0s6Cj24AQxpwCZ3GB6OKhfhbbYHVBapJ_smBvfZ6H_wNw67luT... 201 KB
202 KB 177ms
174ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhufq1QCtK7vFgRFHH4UiWGPKEffBfJgzbbEoXuUx3du_wujhjbOia2aheuNDIoSOd_0smkYRjUe9peh9zVqnxy-HA0CQUo_f0s6Cj24AQxpwCZ3GB6OKhfhbbYHVBapJ_smBvfZ6H_wNw67luTT0mmKgQI-17Yxv6uijnM3Vj4FMOmVzrNRBtTj8nUDEjJ/s16000/Best%20Penetration%20Testing%20Companies.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

aca18420bb327f094672d6ec8ea12a9ef0eb947ed1015b296f44e5cc95845ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v740a"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Best Penetration Testing Companies.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206265
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Data%20Security.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfAjNpVZ7B_YcgYogQia-NQ8RucjsMtSiKqN1HVCMLUJPLPRVIF1eKRxG5g2rzb0GHLmre4HQYLYKyUig0zcmbRj0pGR0Y-m8hlUx0Cz_PGZ6NV8j3KyZEf-W5rASB-FhDlJWjHlXa1CxOowtM... 179 KB
179 KB 236ms
233ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfAjNpVZ7B_YcgYogQia-NQ8RucjsMtSiKqN1HVCMLUJPLPRVIF1eKRxG5g2rzb0GHLmre4HQYLYKyUig0zcmbRj0pGR0Y-m8hlUx0Cz_PGZ6NV8j3KyZEf-W5rASB-FhDlJWjHlXa1CxOowtMxVL0bToRBhrvVzB_fU7SwK5GO140lb0nWdWaEPoFKNfR/s16000/Data%20Security.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

a434645a17775460704ad54d90577539689a282832d60ea857183d70366a427d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5d55"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Data Security.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 183399
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 How%20Snadbox%20Expose%20Script-Based%20Attacks.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1nuzPoycLN0JI18E8SUskmncB6-iH9FzGLOeXfJWenPb19netx0Dml2TzZV5eDH5fXIqPQV4iHDXsACafyEIjGAbja2cQTjCc4sWWuSvEeDnoJlJu79ble6isB6fQ4m9LDTqFLTtGzKzq_u4D... 215 KB
215 KB 230ms
228ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1nuzPoycLN0JI18E8SUskmncB6-iH9FzGLOeXfJWenPb19netx0Dml2TzZV5eDH5fXIqPQV4iHDXsACafyEIjGAbja2cQTjCc4sWWuSvEeDnoJlJu79ble6isB6fQ4m9LDTqFLTtGzKzq_u4D-CbK5OsFQSgoT8nBGfPE3NCXSzi2ADlU9etcGWsToWYc/s16000/How%20Snadbox%20Expose%20Script-Based%20Attacks.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

de8d1a36548513388d01d1beec6c499dd22220af87eb93e5ce0ce562d0ad5690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5d53"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="How Snadbox Expose Script-Based Attacks.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219958
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 GBHackers-On-Security-272-x-90-px-322-x-50-px-422-x-50-px.png
gbhackers.com/wp-content/uploads/2023/08/ 10 KB
11 KB 34ms
33ms Image
image/png 104.21.34.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbhackers.com/wp-content/uploads/2023/08/GBHackers-On-Security-272-x-90-px-322-x-50-px-422-x-50-px.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.34.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc4360c0a29af7e975e2ad9dc76f951e49628535a6de8003b5675d428e353c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5726673
alt-svc: h3=":443"; ma=86400
content-length: 10504
last-modified: Sat, 16 Sep 2023 05:39:29 GMT
server: cloudflare
etag: "2908-65053f91-b289ce6b35e4e18e;;;"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OH0w32mnr%2BMPZ9fNf0LwaQxEibFTe%2B7M7%2FrG8RDqs0mZQPy1yVE1udxWqhfKhpcjFtdLWDD3zYrxuDw2oPNcv%2FhEp%2FXadpNJkiGv5JnOYAKCm9mW8NXj8OrUBUiGCQg9"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 850cd8ca0da53700-YYZ
expires: Sat, 30 Nov 2024 16:39:52 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

9cb148fbeef424f88bde406f8ed5af4f0156ebb3c7373a1fe3edb34cf06396a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5de7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Managed WAF - 728x90.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21973
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

2917d90e5e1d1ce32a0753b48bcadb8c98c4a2a7e0f060f3bee0d45d51373b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5abc"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Google news blue.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3620
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 Hackers%20Actively%20Exploiting%20Linux%20Privilege%20Escalation%20Flaw%20to%20Attack%20Cloud%20Environments.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2e3UhFjK6kw096Xrt8MoJYffOOHdoQvN8fZL5YkegZxCPAWLieu5mAfk1OX-vOAJfrqS_ub7892zyU-4kJoKlbpsWTeQcPZsSEpaDPn3nQMx1jdbolvIO6eMEhduZwxMD7fQ2v5XL3xNedgYB... 186 KB
187 KB 247ms
246ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2e3UhFjK6kw096Xrt8MoJYffOOHdoQvN8fZL5YkegZxCPAWLieu5mAfk1OX-vOAJfrqS_ub7892zyU-4kJoKlbpsWTeQcPZsSEpaDPn3nQMx1jdbolvIO6eMEhduZwxMD7fQ2v5XL3xNedgYB-XvBZCX7inRa4V8GO86YaAOoS2wiuSnEAlp4HFgpyH5g/s1600/Hackers%20Actively%20Exploiting%20Linux%20Privilege%20Escalation%20Flaw%20to%20Attack%20Cloud%20Environments.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

64bb36fdc546d5ea64141508b7b43fae8946731fef83a203a6643e103744aa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v832"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Actively Exploiting Linux Privilege Escalation Flaw to Attack Cloud Environments.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190910
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 gbhackers-waf-banner-300x600.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggxrET8rL53qWvxNg0ojgbDwhKZUmlLqGRzzfXePO67o4NYLh0rAXrh94aQcN0k8EB1cge5SlSrZ42GgQgjwsxqYAEkfzyYPTOtaQzOjdx4grNJfxFnnp7ei-h6DN35p1Jx3I6LKIO33fXMa31... 173 KB
173 KB 173ms
172ms Image
image/png 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggxrET8rL53qWvxNg0ojgbDwhKZUmlLqGRzzfXePO67o4NYLh0rAXrh94aQcN0k8EB1cge5SlSrZ42GgQgjwsxqYAEkfzyYPTOtaQzOjdx4grNJfxFnnp7ei-h6DN35p1Jx3I6LKIO33fXMa31b1WDSmqshyN3cEpkEprhl3kNt-zagtkffvumEVFf4tkD/s16000/gbhackers-waf-banner-300x600.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

8cec0568b8c5294b0ae8b686b0803c9ded43d2c8bef916e8e72def00d89af188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v58cb"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gbhackers-waf-banner-300x600.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176872
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1128 469 KB
92 KB 1034ms
1032ms Document
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5372786174760228&output=html&adk=1812271804&adf=3025194257&lmt=1707153865&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_r&format=0x0&url=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~9~14&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707153865103&bpp=9&bdt=365&idt=226&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6827351143638&frm=20&pv=2&ga_vid=1967591128.1707153865&ga_sid=1707153865&ga_hid=1628165602&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42532523%2C44809005%2C44809530%2C31080825%2C95321957%2C95324155%2C95324161%2C95324266&oid=2&pvsid=2104204338625840&tmod=841211714&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=262

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

db77d20346c56fbaf9f4b750d4512a840642da768191d9c83cbc7ee56eba83d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 94089
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 17:24:26 GMT
expires: Mon, 05 Feb 2024 17:24:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 56ms
56ms XHR
application/json 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240131&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

7d7d4f44241056aefd35b0bb8e10c33f889e865abb6378e124b5da0d9b0c6acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12301
x-xss-protection: 0

GET
H2 200 FollowCompany.js Show response
www.linkedin.com/pages-extensions/ 1 KB
2 KB 170ms
129ms Script
application/javascript 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/pages-extensions/FollowCompany.js?version=0.1.176

Requested by

Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' .licdn.com .linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ .microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: ; font-src data: ; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src .licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' .licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors ; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: *; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src *.licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' *.licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors *; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
date: Mon, 05 Feb 2024 17:24:25 GMT
x-cache: CONFIG_NOCACHE
content-length: 487
x-li-uuid: AAYQpbu6KE7vBqdXX2y4zA==
pragma: no-cache
last-modified: Fri, 01 Feb 1980 00:00:00 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 242D10F8DB8748FEA40101C81B2CE0DE Ref B: YMQ01EDGE0313 Ref C: 2024-02-05T17:24:25Z
etag: "c5d55603c8f094aac75f1809a3ff08839f699bce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-li-fabric: prod-ltx1
cache-control: no-cache, no-store
x-li-proto: http/2
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 102ms
33ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 17:24:25 GMT

GET
H3 200 Ivanti%20Zero-day%20Under%20Attack-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihv7ue2wNAoeNH707gwk4FmS2rmIOTD-3voVB9BEGN00U458gdoMWkYOlEeuNHEP9QfETA1e45_fyFJ0mQ6aV3c7-kpW4bzciVJ2bW0lTFwUCNqxkLYDvAorx9s_4u6umsuK-ZK9ee28t9ZvQE... 72 KB
72 KB 216ms
215ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

2d4d1908b557d4c21b1023a4a43ed10373f89bd070d3029005572b7f41809764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "vbd6"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ivanti Zero-day Under Attack-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73710
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 git-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGTsojU1K0Ed8p_7rQDlBYk4Wd-E5-O_3p03AGnyL0AkCKVJNb5GrQPDy7UuIP2KMLC4Pf9aQexFRlmawg25J0CTKX9GUsc8LrzuT8BxLIO8xHqWneJ-pj3PLb2R0dn0brK6gFsW7exDn3Acj3... 59 KB
60 KB 212ms
212ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

126491ca5eb371eda925bbc0bfc5880354f4f0ef46fc05a53cb08e611526dde1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "vbaf"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="git-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60916
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Jenkins.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEIAfUvlhfkVUXpvrZ02udJyHqHtATCq1OW6E1Jv8WGqfIY_eFz9kVzpqgY9jRY4TFmleecFmGtjh258DFzbEtmGsj9gSgjcf4E8h31Yam3Q7HmeQIOEqrkHHYVVmA7JEp2X85HOZUZkg8HWwl... 122 KB
122 KB 157ms
156ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

5101fa4f35f9e33fae7d6df0ecba0dbf0e8805fe9d234bbf005a4fe3a9991865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5e3a"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Jenkins.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125154
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Outlook%20Flaw%20Let%20Attackers%20Access%20Passwords.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8Bp7YUe-ngLuHvjOgzixvPeb1vStBTSwmCOhiQih_pQK2KHcL5g4TLzTYl-FmEkOu3V72oGYIqZY0Zr5N1LiamODitpwiFcnt_8g0D9SEiIQrw4AXL1VC3mt5ymXI4_X_tSB19awMSxVYs5ov... 63 KB
63 KB 162ms
161ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

d1fed9652886febb863676496730bcd839a9c435fa6f72c015c0ee171a9430d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5e05"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Outlook Flaw Let Attackers Access Passwords.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64913
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Unpatched%20Critical%20Vulnerabilities%20on%20AI%20Tools.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaWqBung4Y7EhwCULj372w6pnVGDj7qX3G8KtYoccwmOCfU_KRpCe3fOWk0QjONil4FpiSu5kABH3BAXpqq3xbVx27n5U6GW-W9mZYatM0PTXTtjYZqOC95bdJf74sV3Sfdg6e63T9ebCZvt74... 234 KB
235 KB 151ms
148ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

53661e1472a669c228222922fbf39f8c593c539e488241b50966070b51ed9f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v6f31"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Unpatched Critical Vulnerabilities on AI Tools.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240082
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Promptmap%20-%20Tool%20to%20Test%20Prompt%20Injection%20Attacks%20on%20ChatGPT%20Instances.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjreedTQE0_OpTK8YjIc75jn0JFHzOPlA6eEHpjpf18L2fOlBz8D36HG8jAawQB2m6d6wsYv9XJLowSIkxixoNmZwbcm_SEPocy6vsK7kqSYZWU2R2fbkHtW6gsyrUVpa53379tL0M8T38epGWu... 113 KB
113 KB 264ms
260ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

12caed2c3b74424afad5b326b244f89bb46e00ecda6eed633e08a2654afbbe18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v59d9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Promptmap - Tool to Test Prompt Injection Attacks on ChatGPT Instances.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115681
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Researchers%20Uncovered%20a%20New%20Flaw%20in%20AI%20Chatbots%20to%20Turn%20Them%20Evil.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQCBulvpZA1KCUz76PJeM-To76WWpXE9q8474j3e3bGGqwfTcEmP3nWe9iUC6aM7VJ4ETRhXVKFDd8Fz6_B7_qT7V5NjODN3uVkMV4Ra7jx5QezTrN2G9uMcoT9fkTQqj8oE4Z77mhzX16sAp1... 110 KB
110 KB 205ms
201ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

4ec2e0a9621a04369a540c5621200689817f754b76c2a86489afe64c00811b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v300"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Researchers Uncovered a New Flaw in AI Chatbots to Turn Them Evil.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112380
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 FraudGPT%20Dark%20Side%20AI%20Tool.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg178YD3c1AeYosKbPBkR-iQSct_fS_ylC9XycoxSZO8X4SVOIFUcfJBMpc2rNAosRHRagjIMghPpvZCcCBWZWFW-swCbXyJiKTC6BuRiEyu4ccLA2z7LUHngt4N1hIy9YITrqkSI8f_5U-9zyd... 130 KB
130 KB 229ms
225ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

d7e1116c00141cde70eb79551330c376c31db0cd5df2d1cc9dd64c68ef727c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5840"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FraudGPT Dark Side AI Tool.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132951
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Toyota%20Ransomware%20Attack-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvd126pPteDYkIe8KSUKdY_LcP0MhkLd6XuqGCVowxpA00CJ6agpK9l9m7W3Nb5dSLksH5gVVhimIaXb3T0a3YoIzHzdemBSBO7HVf563UL8GUPY6uJtcqP5m_61ZtTtuM-4eua1OAuhig0DYU... 154 KB
154 KB 173ms
169ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

15c1fa3b178d31c3daed27a4cff7b61ea8073060df1c5b3c5aed99ede66bda74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v9ac"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Toyota Ransomware Attack-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157488
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Hackers%20trick%20Users%20With%20Data%20Leak%20messages(1)-1-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivan29UO4I2CONplE_7gOQxHPHQ0eKrIJJRDpFNhTmpWaOdPht7fVbPWyI0RM_oW8xKCSIsrKBClR9_9iYYfvfdIl9oPPGbg6yBh1oZj3pQkbbqU303_moVLGZFr_78wKq9S6mtx6nWYIUw-Uo... 184 KB
184 KB 208ms
204ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

36973c14c4ec99c8a2628f8e69399425dd0a55518755792533569d763b1a654e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v9a0"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers trick Users With Data Leak messages(1)-1-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188325
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Chinese%20Hackers%20Stolen%20Chip%20Designs%20from%20Major%20Dutch%20Semiconductor%20Company.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWCQ3N9U2sxe4JvFko3Tb4MLpeoU8NBDx2sBcneaXH-bN1t6V63s0BoOb-U7Seid0SYcX_AtAdBaGQ_MjFJeEHYmAick33inpx-ObfMeD2X-cGg4j-QUk1tMNAUDWZhePNyIG-9Q3ZyYQbJuxt... 262 KB
262 KB 267ms
263ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

86bf766865ae129b5f6eb788f265a19bc6a1d21fb88e3289e3955e2f4f89d5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v923"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Chinese Hackers Stolen Chip Designs from Major Dutch Semiconductor Company.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 268518
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Ransomware%20Gang%20Files%20an%20SEC%20Complaint-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvS7DIecejLM9kuz3URlx-LRcsHGiUE81Vz5g8lOouD2fH-CNefqbnxOevukb6qJ8tPWWhTAOjgoKpKarGyqLzPvbjh2s9v4AvZwzotbwJ9ycGIZJonhSzjC-PHPufuyRuDKMjrgk5MFZN1buZ... 175 KB
175 KB 275ms
272ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

3fe1e827ec6e0faf05d0559b2bc49a2d2f07edb09b82e09c7adb6bff173f69d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v89b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ransomware Gang Files an SEC Complaint-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178960
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Police%20Imprisoned%20for%20Selling%20Secrets-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEht7E9P4n3n4efmsQPoHD36QMZT4vLh8Nvglpw-9O6Df4iduS5xPFAlUWD5gxLdkGzTZ3i803jJl8lsu1fvbBAUzbYcvErRXUhil38IJkklU9OPpYamaPcmiaMxygpgEz-_48tqXAHhtchrqjkI... 126 KB
126 KB 248ms
244ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

2d0c65d57cea07c651bd80f7165d8ec50a1c09884db8c911cc5a3a45cd46390b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v82e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Police Imprisoned for Selling Secrets-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129442
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Web%20Server%20Penetration%20Testing%20Checklist-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKJVqO9XiKvAuSWuAYv1piF5WPlqeUKjJlT90vnDx951xYsiPotC8-YSqqR2CzgcarD8juQY63WnoWBcnXGqYGewCUQLneEmlFPZyLrkUpm2Jg3j5IMUuRBqbRJ1s60SM2VcnhTHVJ_D2xVcKO... 154 KB
155 KB 256ms
253ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

340924ac682298d8171157183f263c3d23c29b099cb7a6b30569dcd86e75bf6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v7bd"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Web Server Penetration Testing Checklist-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158178
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Network%20Penetration%20Testing%20Tools%20for%20Security%20Professionals-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz3VRAQkQalTlP8oaUmFbSRwpZbr4JCOY5UEf6rT99yR7fWN6gfeQvmym3y2xSdgGOWaApoYdvIW5pg2qj3_Nh2qTTArdqoAdS5lqTGt_oKRQK7rE8POv9stPEN6qkVmK6ZZ5rfA2gKA8EqlEr... 141 KB
141 KB 250ms
247ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

bbd85d9238e9e46bc45da79f2814000dd43b574f2cbcd4533bf005899b214bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v7e3"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Network Penetration Testing Tools for Security Professionals-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143896
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 10%20Prominent%20Cybersecurity%20Acquisitions%20of%202023.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmhq6YIBFu2Or9XoQo-FztnBTNXN2xOkgUmROCAdAhuizWDs7_W-lVXi160bGxzVP-d_aq890VDqbV08AGta2anIuqotXXMx6Dsmjh57N5dBcLRYBWzY2_N-42JCWR-fwt9v3Ik8iCRlebzs34... 122 KB
122 KB 218ms
215ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

029933e9acffa3d306253574c7f69ca044b74f625bac6392b06e2dc84a0358bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "va6d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10 Prominent Cybersecurity Acquisitions of 2023.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124641
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Top%2010%20Unified%20Endpoint%20Management%20Tools%20for%202024-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhI7OD-bBymYKPAUxUpOdedPFIVBecpqEhMpPdH3COHjlPQurCLwyW4MjQsdvcsFRktoN6MnHpN6ktScJH9crhoQZLASwihLElcQPHrxIjLo7HMvahsxudXIMj9KXD9A-pae62r6Znie9naXYM... 155 KB
155 KB 200ms
198ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

b9bec247813fe14c962c6478d9c1e4d521be73d4261aa6e63adca81f873a5564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v83e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Top 10 Unified Endpoint Management Tools for 2024-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158555
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Kubernetes%20Vulnerabilities.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj16B1FEzM1BQjMZGSOGuEsfc0XT5XXs4tLKxKHkcyjgKfvX6J4pP_2mwPWNQStCuz8-zDl3vCnzd57Wfr96xQKpWFFp4i9V1cJI1eAh-JYL-QeUZ3LJOwDo6OIAXgGC3B4aLYu6KBxxC7Ol18J... 107 KB
107 KB 251ms
249ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

307e1a72eca0e7c2e8a53eccc42fc2d5e7216f4be4885be44f5e7be00e628d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5bdb"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Kubernetes Vulnerabilities.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109533
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Best%20Penetration%20Testing%20Companies.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhufq1QCtK7vFgRFHH4UiWGPKEffBfJgzbbEoXuUx3du_wujhjbOia2aheuNDIoSOd_0smkYRjUe9peh9zVqnxy-HA0CQUo_f0s6Cj24AQxpwCZ3GB6OKhfhbbYHVBapJ_smBvfZ6H_wNw67luT... 201 KB
201 KB 234ms
232ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

aca18420bb327f094672d6ec8ea12a9ef0eb947ed1015b296f44e5cc95845ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v740a"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Best Penetration Testing Companies.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206265
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Data%20Security.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfAjNpVZ7B_YcgYogQia-NQ8RucjsMtSiKqN1HVCMLUJPLPRVIF1eKRxG5g2rzb0GHLmre4HQYLYKyUig0zcmbRj0pGR0Y-m8hlUx0Cz_PGZ6NV8j3KyZEf-W5rASB-FhDlJWjHlXa1CxOowtM... 179 KB
179 KB 281ms
280ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

a434645a17775460704ad54d90577539689a282832d60ea857183d70366a427d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5d55"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Data Security.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 183399
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 How%20Snadbox%20Expose%20Script-Based%20Attacks.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1nuzPoycLN0JI18E8SUskmncB6-iH9FzGLOeXfJWenPb19netx0Dml2TzZV5eDH5fXIqPQV4iHDXsACafyEIjGAbja2cQTjCc4sWWuSvEeDnoJlJu79ble6isB6fQ4m9LDTqFLTtGzKzq_u4D... 215 KB
215 KB 196ms
194ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

de8d1a36548513388d01d1beec6c499dd22220af87eb93e5ce0ce562d0ad5690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5d53"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="How Snadbox Expose Script-Based Attacks.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219958
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A026 13 KB
5 KB 34ms
33ms Document
text/html 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 124210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 06:54:15 GMT
expires: Mon, 03 Feb 2025 06:54:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 42A7 829 B
1 KB 118ms
52ms Document
text/html 172.253.115.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f105.1e100.net

Software

GSE /

Resource Hash

4885ee1310b7a3cecb308f62e86872f0cee6921d408977e3a1397c139e5b0b0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0Rs4k5v8RG7QVC-M0g-EcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0Rs4k5v8RG7QVC-M0g-EcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 17:24:25 GMT
expires: Mon, 05 Feb 2024 17:24:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET FollowCompany
www.linkedin.com/pages-extensions/ Frame 9A9E 0
0

GET
H2 200 FollowCompany Show response
www.linkedin.com/pages-extensions/ Frame DD9F 2 KB
1 KB 111ms
111ms Document
text/html 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/pages-extensions/FollowCompany?id=13218263&counter=bottom&xdOrigin=https%3A%2F%2Fgbhackers.com&xdChannel=86caf750-1801-498b-ba95-2a1b5ebb5123&xd_origin_host=https%3A%2F%2Fgbhackers.com

Requested by

Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7368db93c924a10e3af9e7b9428e107894f598686b83b2153439a581b3fa4176

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' .licdn.com .linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ .microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: ; font-src data: ; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src .licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' .licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors ; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 818
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com; script-src 'report-sample' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q='; img-src data: blob: android-webview-video-poster: *; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src *.licdn.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' *.licdn.com lnkd.demdex.net www.youtube-nocookie.com player.vimeo.com; frame-ancestors *; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gnf
content-type: text/html; charset=utf-8
date: Mon, 05 Feb 2024 17:24:25 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAYQpbu9M0xYa1/PlORbqw==
x-msedge-ref: Ref A: 165A2B21B6C3442C956511246801E3DE Ref B: YMQ01EDGE0313 Ref C: 2024-02-05T17:24:25Z

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame A026 39 KB
15 KB 32ms
32ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:33:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 04:33:01 GMT

GET
H3 200 RCE%20Attacks-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgljclWQECI6qJDnVc83P3bVIyltTNP14UYNmIrP_4YNCjC_NP9gZ0o0TpCa5xHTS6SU1AOIa6IXuOF3UR1_P-dpgk8LUOVIxqaLs-GytuhtbrV462Sm_PDsNe-frCXXPx-zwGsFyPs7cr7vAxJ... 359 KB
360 KB 248ms
247ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

9681064cc0d41b9f603de6b0b6ce684bf6c448387bfd377441faf3286aead8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "vbbc"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="RCE Attacks-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368038
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 cyber%20security%20plan%202024.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipkK3moJRiE7kUdIvg4ujOIIvvsLUY_3O8MFZaD9xWBU2jH8d43ivTQYYwYzGepFIvKcv9ICLOL3rjCtm3UEN7C3ZzY3bqa_he8BeVa7IANTei5rvCvoe2e7RnGgd462rV4cZ3T1RbkUK7jhGt... 396 KB
397 KB 242ms
242ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

fdc6769a72ebf95f9891d967d25c16b60389dd84518e63a634cf1229f99012cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v5d4f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cyber security plan 2024.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 405989
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 42A7 0
0 153ms
153ms Image
text/html 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240131&jk=2104204338625840&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 5qa5u5x35oar0yz2ji5710jlj
static.licdn.com/aero-v1/sc/h/ Frame DD9F 299 KB
41 KB 164ms
43ms Stylesheet
text/css 152.199.24.163
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static.licdn.com/aero-v1/sc/h/5qa5u5x35oar0yz2ji5710jlj

Requested by

Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=13218263&counter=bottom&xdOrigin=https%3A%2F%2Fgbhackers.com&xdChannel=86caf750-1801-498b-ba95-2a1b5ebb5123&xd_origin_host=https%3A%2F%2Fgbhackers.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.24.163 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0714) /

Resource Hash

9465d6fafd12f6f026d97e9583c5e5e7a87cf1f565b4e59da4911e7c354de5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.linkedin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV4
x-ambry-target-account-name: aero
x-cdn: ECST
age: 259458
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-cache: HIT
x-cdn-proto: HTTP2
x-ambry-blob-size: 306671
content-disposition: attachment
content-length: 41298
x-li-uuid: AAYQaVLXkDJjM+mA5/lMqg==
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=8.383861E-4; STORAGE_IN_GB=0.0
last-modified: Wed, 31 Jan 2024 19:40:27 GMT
server: ECAcc (chd/0714)
x-li-pop: prod-lor1-x
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
cache-control: max-age=604800, immutable
x-li-proto: http/1.1
x-li-fabric: prod-lor1
timing-allow-origin: *
x-ambry-target-container-name: assets
x-fs-uuid: 0006106952d790326333e980e7f94caa
expires: Fri, 09 Feb 2024 17:20:07 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/xdoor/scripts/ Frame DD9F 510 KB
160 KB 41ms
40ms Script
text/javascript 152.199.5.152
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/xdoor/scripts/in.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.5.152 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (cha/0627) /

Resource Hash

57b76ef3be622129f9c57937fcd6759c3844f0da47e254bacc5de7d563c2e95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.linkedin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV4
x-cdn: ECST
age: 377
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163643
x-li-uuid: AAYQpaVGMGNwCjpqOySGEQ==
last-modified: Mon, 05 Feb 2024 17:18:08 GMT
server: ECAcc (cha/0627)
x-li-pop: prod-ltx1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-ltx1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Mon, 5 Feb 2024 18:18:08 GMT

GET
H2 200 cwphtfsvdwm4k6n91alllgs6q Show response
static.licdn.com/aero-v1/sc/h/ Frame DD9F 4 KB
2 KB 162ms
41ms Script
text/javascript 152.199.24.163
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static.licdn.com/aero-v1/sc/h/cwphtfsvdwm4k6n91alllgs6q

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.24.163 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0727) /

Resource Hash

e3474d77e56176d1b865553eee382eaeea05dd8ab5c6579d1b2412988c530506

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.linkedin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-encoding: br
x-ambry-target-account-name: aero
x-cdn: ECST
age: 553946
x-cdn-proto: HTTP2
content-disposition: attachment
x-ambry-user-quota-warning: HEALTHY
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-li-source-fabric: prod-lor1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
cache-control: max-age=604800, immutable
x-li-proto: http/1.1
x-fs-uuid: 00061024c2012f36246b97ceff0400f4
expires: Tue, 06 Feb 2024 07:32:00 GMT
date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cdn-client-ip-version: IPV4
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-cache: HIT
x-ambry-blob-size: 4448
content-length: 1407
x-li-uuid: AAYQJMIBLzYka5fO/wQA9A==
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=4.62019E-4; STORAGE_IN_GB=0.0
last-modified: Mon, 13 Feb 2023 20:32:05 GMT
server: ECAcc (chd/0727)
x-li-pop: prod-lor1-x
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
timing-allow-origin: *
x-ambry-target-container-name: assets

POST
H2 200 csp
www.linkedin.com/security/ Frame DD9F 0
190 B 75ms
75ms Other
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/security/csp?f=gnf

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.linkedin.com/pages-extensions/FollowCompany?id=13218263&counter=bottom&xdOrigin=https%3A%2F%2Fgbhackers.com&xdChannel=86caf750-1801-498b-ba95-2a1b5ebb5123&xd_origin_host=https%3A%2F%2Fgbhackers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 05 Feb 2024 17:24:25 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2888A31569874687B82CBFA58BE36255 Ref B: YMQ01EDGE0313 Ref C: 2024-02-05T17:24:25Z
x-frame-options: sameorigin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
cache-control: no-cache, no-store
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQpbu/KIW7pg3+5JETNw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 Hackers%20Abusing%20LSASS%20Memory-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3MdCsztTN8T75P4vfEOTYb6C3b05vMkILaDpkyo9XkABIrvqVI0ptUpJxPn3wenJNKkXGgfgLa-0FYj8UPZ7ShYyujg83JV39mpGxJ-9aOUwJgiRWU3iBO6k5CXkGbNuoL6i69wYu4PRfD9mj... 176 KB
176 KB 254ms
253ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

e25e62add9112517afe60b0717ae615a60807a3da37223234084b694e42e723c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "vb64"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Hackers Abusing LSASS Memory-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180308
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Sidewinder%20Hacker%20Group%20Using%20Weaponized%20Documents%20to%20Deliver%20Backdoor.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMbLxXoTYzbRwMo8Hr0QCK8yBfoh_VRuk5Q3ma1zYGFFValoUZnZWgOIBCBoC_lHI4elJbWmAiaHbNljbnpc2s5Gj26WmxGuzqphnKjYyniJnEiQHXgN2wyJVNnmsLN8YEGV8I79wCseNMYCxG... 272 KB
272 KB 202ms
202ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

4609c06d6b3f68810684ff17043090a96ca190ae3188afe1206ed2f5f62f4a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "va17"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Sidewinder Hacker Group Using Weaponized Documents to Deliver Backdoor.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278226
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 Remove%20Default%20Passwords%20CISA%20Warns-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5yW38D9CQrq0PI2q4C0D2Uf6IS9m_77rwHyv4DyU_MG7Q7I88kzENoookqRl2_c7eQGyUPnm820FkSs_zzgkaZKT2qCxa812Zu1he9dSryw-egr4Z_wacpVpYzxpHKskgMX6FzVYPkBldEYx-... 138 KB
138 KB 193ms
193ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

e4eb1181801bbf483c630b0b4ea7e478584de25bb5ebc68343f370b420f36fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "va15"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Remove Default Passwords CISA Warns-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140983
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 50%20Insider%20Attacks%20Via%20Privilege%20Escalation%20Flaw-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhN9Y7NX4ZCoqtC9fuC63v5Nsp9zcJspRc9JO42fcFL9D3aDArasvTJ-Ww4vS_3m87KU-a_LHkmBrbRb9P3XPvXN3GIhbiHHmt0BhKLFC-37xQwVuqijnayMG-kTAxQL-buHcRRNvvw8dTQa9dT... 132 KB
132 KB 204ms
203ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

83f7bfce8835fecb5302bfc1fe5ecca789506beaaceff69aa097629f9739221f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v992"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="50 Insider Attacks Via Privilege Escalation Flaw-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134796
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 200 North%20Korean%20Hackers%20As%20Both%20Job%20Recruiters%20&%20Seekers(1)-1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhtJTsFSkCpcwJ0mSd1q9NfJyEgYLQLPOKbZxf9Da11TUBkkF2oFfkL0PFWTisY8bWwdK554PDyvgJ3L-8YzALrjgmesh05UuCeN9E1Crbsu94uxRHiyK1IhiMiSqsLDRuFy6u_rFaXiZSEIIeu... 159 KB
159 KB 206ms
206ms Image
image/jpeg 172.253.62.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f132.1e100.net

Software

fife /

Resource Hash

8aa739bb859941d2f12e90c188858b7cf127d3c7dda07f70b171e981076b8660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v8df"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="North Korean Hackers As Both Job Recruiters & Seekers(1)-1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163023
x-xss-protection: 0
expires: Tue, 06 Feb 2024 17:24:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A026 0
10 B 31ms
31ms Image
text/plain 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KNa-6g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
95ms Image
text/html 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240131&jk=2104204338625840&bg=!zc6lzoHNAAa8BdJLnAU7ADQBe5WfOP2XUAd4yczhLpljxu5O1MsY1XHKit96i6PqTFPDAfK0LvkId12_ex7OUndvnkTwAgAAAJdSAAAABGgBB5kCunbd6JYTPEeZ4M0UcNZJ4O2TB_zpajA29juTgEFudh5pWUxVlKZUaZsisq_m0Js9pkhBRDeOPVV_O2LU1OTmveiV_y5CtxzSrOjk5TPvfocBnxNC7IHx5JzhM19rIe7OSZNRu9y_McBP7LTJ9utAh32uXkSSqYv24KXHV7uKmuXOYnyig5ZnpmCdezV-R1kkjiSJmwjjF0BXnmvrv-D9wRVx2MJo0bwxx0LQq823c0jg25YofIyjpff26Ef2wsxhn4BIyf8M88CQSA2NjUfooNPw4_GYJtHDga7R-jeSPazuYnaWMqKAJOqsmuI2uvImkVslCdp8Dvpwggd13nn3ThrQBYZFbb_NylYVsA2uT8710QQ6NZd8sOeLHm_qPmLqOMFCAk0NiLMSHuUo205kWfbUNoc3YZxI2RjW0uUXj_Jo3aigplrrYRMouamjLKjJAR7uSs_MOQLu9ri7EzijfI-oMViuIzs6x5d442eHCgZ0KVbkmdxELKhTMxsXZ0sPraIWBn0Lni4Xrkd_axwTmzLrcuTwV6rXXm1OitxHm4Z8DHyzg8qPCVlTsIDWrsz8iW68xjPOFXqQ8dc8LUUuf3RFluHxF0CbmOQfKg6N9PifmAtEjL11q4rleAFZ4UwVImvqdoCGBuXwYHXlwhRePYo3u1hcZGJ8fwKYA4SViZt3iLmfjbdfOmDL6RcNjIAaO9l1R-XU1EU_WmpDRcP2-xNq4Un5dlbCVSjNRQ2xRqtHyeg8bplk2u1cpZGAAlImUKUorwVNlsYvGIbSeUNSzVZ4me3ws3tAR5VOXIiZLcbqmiVRbPA-7tugCwzXBiSYbhK4reTulTR_i8EEp9NYdEi3mUf4DBlmx-jP9PPTE8bLtIdZuPxJ2aXypGHtQBYtHcebtu_MyBFa9bFmoBaNR6smvGHT3LPkg0Qx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 165 KB
56 KB 79ms
79ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

4d18cfa356d72232e56f78c9c1c299008a79639e5a6b63a9fa56e57f289193bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57045
x-xss-protection: 0
server: cafe
etag: 16683255521909808681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 17:24:26 GMT

GET
H2 200 ca-pub-5372786174760228 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 144ms
75ms Script
application/javascript 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5372786174760228?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

5fec1a8748b07be2a01cd128a1ce84efdfc175c6e6c55c1c4b80eb44300fbb4b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZOPGDhM3pf-kiVQRlUrfrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZOPGDhM3pf-kiVQRlUrfrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJwNwz0LQWEYBuDjySNOklh8lMlwUspoZTJYWI5BJiUpmWTBwj-Q9x1sRsWAMvgFEpkkBgsHyeJjYXBfdalzU0j1KTHNp6zjB9riJniiHdaVM7XxqJ_pghHNoChWSgbV0PS7kA0fryvZ31fyoIYP740-OEsmzHddsJoRnGsILqNjKDg8EjxZCp5j1hCcxz5LHmAnJbmH8YLkND6Lkr-YbErOYnW_4ga6A2v2o8tuXYxbQ4tTbqZd-gPIJVQI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E25B 148 KB
46 KB 1116ms
1116ms Document
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5372786174760228&output=html&h=280&adk=1606071286&adf=430874041&pi=t.aa~a.1711906059~i.14~rp.4&w=702&fwrn=4&fwrnh=100&lmt=1707153866&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9720455393&ad_type=text_image&format=702x280&url=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=176&rw=702&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707153866552&bpp=2&bdt=1813&idt=-M&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6827351143638&frm=20&pv=1&ga_vid=1967591128.1707153865&ga_sid=1707153865&ga_hid=1628165602&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42532523%2C44809005%2C44809530%2C31080825%2C95321957%2C95324155%2C95324161%2C95324266&oid=2&pvsid=2104204338625840&tmod=841211714&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=115

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

64567c5e8d41579ae3c9358f526fb612045b2b0411081cca6767dc75f096cbd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47013
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 17:24:27 GMT
expires: Mon, 05 Feb 2024 17:24:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/ Frame 7EC8 9 KB
4 KB 33ms
33ms Document
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 29870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 09:06:36 GMT
etag: 9539045072340585784
expires: Mon, 19 Feb 2024 09:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/ Frame 4BED 9 KB
4 KB 33ms
33ms Document
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 29870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 09:06:36 GMT
etag: 9539045072340585784
expires: Mon, 19 Feb 2024 09:06:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVAsn7AY2lPYhuKO6FRkeZcNx55rWdpq0EBhKOx6ALCtoX-DANQ0PbWeEhpv92pDpll3pexZcNHC31UzHj2a6voW6tNqrjG_h-0516498K93iSLNSv4-lZlssNyV6SV0tKesHwp7w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 79ms
78ms Script
application/javascript 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVAsn7AY2lPYhuKO6FRkeZcNx55rWdpq0EBhKOx6ALCtoX-DANQ0PbWeEhpv92pDpll3pexZcNHC31UzHj2a6voW6tNqrjG_h-0516498K93iSLNSv4-lZlssNyV6SV0tKesHwp7w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTUzODY2LDc4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nYmhhY2tlcnMuY29tL2hhY2tlcnMtZXhwbG9pdGluZy1saW51eC1wcml2aWxlZ2UtZXNjYWxhdGlvbi1mbGF3LyIsbnVsbCxbWzgsIlJVclpCamtBT1JrIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMxRcLLibA8mCQ_sI3cuamh_9rJ2tw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

f415830f6275ca6bdc6320ede47f22d39205a727d282f9fddcbe3ced7666c26b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-sZyGstvai2MRt_3FUTVNpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-sZyGstvai2MRt_3FUTVNpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXF4KAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5l4vr5kkgBiDSB-J_mK6RsQ7_DxYHkTPp2VK2I6a1zddNY8IOZbN51Vd_101i1nprPuAeKY59NZU4B4MesM1tVAPCVwBuscIHZKn8EaBMSfM2ew_gZi3_oZrLFAXHb7HGsdEAvLnWeVBmIhHo5Tm1vWsQnMmHepnxkAxyVT7Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 7EC8 4 KB
671 B 42ms
41ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 17:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:04:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 17:24:26 GMT

GET
H2 200 73134fbfa16854d24caf7cd541ab86d9.js Show response
www.gstatic.com/mysidia/ Frame E69D 9 KB
4 KB 103ms
33ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 06:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4097
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 16:54:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 04 May 2024 06:24:17 GMT

GET
H2 200 bc7f7aad4239fe322274bd94f062aab7.js Show response
www.gstatic.com/mysidia/ Frame E69D 174 KB
64 KB 105ms
35ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bc7f7aad4239fe322274bd94f062aab7.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

64bde18d8671690f9141375afac90d608da3a4e3f55403ce2fcdab5b507006e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65073
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 12:56:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E69D 11 KB
1 KB 42ms
41ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400%2C500

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

e5688319ea093a91c367a5f64f22b2012affd2a2bf80a8e31a6f4e02c67fb1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 17:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 16:18:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 17:24:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame E69D 2 KB
822 B 34ms
32ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 08:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 08:36:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame E69D 23 KB
9 KB 38ms
36ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 00:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 00:21:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame E69D 3 KB
1 KB 37ms
36ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 08:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 08:10:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame E69D 20 KB
8 KB 36ms
34ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 15:45:11 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E69D 205 KB
62 KB 34ms
33ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 16:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 17:34:38 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame E69D 37 KB
15 KB 144ms
78ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 13:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 13:09:34 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 7EC8 16 KB
7 KB 34ms
34ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 14:41:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 14359709190881042667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 14:41:49 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7EC8 205 B
649 B 92ms
33ms Image
image/png 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:32:40 GMT
x-content-type-options: nosniff
age: 6706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Feb 2025 15:32:40 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7EC8 604 B
694 B 142ms
83ms Image
image/png 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:36:21 GMT
x-content-type-options: nosniff
age: 6485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Feb 2025 15:36:21 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 7EC8 22 KB
9 KB 35ms
35ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 23:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 23:17:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4BED 4 KB
632 B 48ms
48ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 17:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 15:43:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 17:24:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 4BED 2 KB
822 B 34ms
33ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 08:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 08:36:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 4BED 23 KB
9 KB 33ms
32ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 00:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 00:21:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 4BED 3 KB
1 KB 44ms
44ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 08:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 08:10:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 4BED 20 KB
8 KB 34ms
33ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 15:45:11 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4BED 205 KB
62 KB 33ms
33ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 16:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 17:34:38 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame 4BED 37 KB
15 KB 115ms
74ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 13:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 13:09:34 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4BED 15 KB
15 KB 101ms
32ms Image
image/jpeg 172.253.122.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRRgUhTeKZ0q7HBZ4oixLN8zFm6iO75oDu4roIJ2BZ4HgiVyx9ht3SibejNmA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f113.1e100.net

Software

sffe /

Resource Hash

81d76fcdf0d55900823bb819c83102bb12f01ff1a69f8fb28b011d4fe36b9876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 13:03:34 GMT
x-content-type-options: nosniff
age: 361252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15215
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 09:17:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 31 Jan 2025 13:03:34 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4BED 27 KB
27 KB 102ms
34ms Image
image/jpeg 172.253.62.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT-1vRS-CTSVkSIc5uy0JljLCoQrk6T1tCKnX3NJdzcAwXKlZtXv-jpMn0GpVo&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f102.1e100.net

Software

sffe /

Resource Hash

0b26b0225d7bf884e8a9429959b5cf63e31e5e7d0c9fc5a88cfcfe59671c2b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 15:15:40 GMT
x-content-type-options: nosniff
age: 180526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27264
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 04:51:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 02 Feb 2025 15:15:40 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4BED 20 KB
21 KB 101ms
33ms Image
image/jpeg 142.250.31.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQrjMOmurJdv1s-1RNVvmUPkxbeyHiY-VBfpiw3UnuWRHfdY5k7VppPhDDYdg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.102 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f102.1e100.net

Software

sffe /

Resource Hash

a796a7be7e1e37f36b5aa5c6a2533486fbc360e5412bf78580ea314b02f9fa5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 07:45:12 GMT
x-content-type-options: nosniff
age: 34754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20647
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 03:28:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Feb 2025 07:45:12 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4BED 21 KB
21 KB 122ms
54ms Image
image/jpeg 172.253.62.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRg7LMcw8CVMr1MiXLIyl1OeXhsKXNtkNdddChyjQaSzX9605DfitkxtaFE_g&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f102.1e100.net

Software

sffe /

Resource Hash

2c3aca021fa7ff4be15339b000f1dff9ae500526ac6fb55b14389e3c4597a527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:52:21 GMT
x-content-type-options: nosniff
age: 426725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21310
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 20:16:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 30 Jan 2025 18:52:21 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 4BED 28 KB
29 KB 127ms
59ms Image
image/jpeg 172.253.122.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQQFpKp2qzJEHmWmx9e4wHB8DbA4we0SMEICSsPNglR50UwJ4U_4zLmMAZowAs&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f100.1e100.net

Software

sffe /

Resource Hash

0013ab49ce6bce3ffcb7100f9f9351a3847be2be13eb6aad6f2826a543ad34f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 16:50:42 GMT
x-content-type-options: nosniff
age: 174824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29106
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 10:26:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 02 Feb 2025 16:50:42 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4BED 18 KB
18 KB 117ms
49ms Image
image/jpeg 172.253.122.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR0g5ZoepAaz9qOvZr46KF9JSvXDQU145a_tuMOUwsX5-RpP6L9Hpaos91q2N4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f113.1e100.net

Software

sffe /

Resource Hash

5ce06d12476fe2c3efd8981fb2e0d1cedb9bb8a8da1c377540dae2e3e8f40aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 14:36:50 GMT
x-content-type-options: nosniff
age: 10056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18619
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 03:50:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Feb 2025 14:36:50 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 4BED 36 KB
36 KB 101ms
33ms Image
image/jpeg 172.253.122.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR9dVbGsfkMCT9b8TFC5pUwt5iVYCHRBEDmp3rJs0WLiwunWs77Cb5_wLBdDw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f100.1e100.net

Software

sffe /

Resource Hash

fe2c455eee1ad0eba39bae086fb949347a3d3a0f2d70c8065d5c7863fbfc5c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 16:33:34 GMT
x-content-type-options: nosniff
age: 3052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36359
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 08:06:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Feb 2025 16:33:34 GMT

GET
H3

200

8698539365504761701
tpc.googlesyndication.com/simgad/ Frame 4BED
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODqg_3XQRCwCRiwCTIIkmDQmvwj6IE
https://tpc.googlesyndication.com/simgad/8698539365504761701

77 KB
77 KB

33ms
33ms

Image
image/png

142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8698539365504761701

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Sun, 02 Feb 2025 18:08:00 GMT
date: Sat, 03 Feb 2024 18:08:00 GMT
x-content-type-options: nosniff
age: 170186
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 12:31:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Sun, 04 Feb 2024 23:24:16 GMT
x-content-type-options: nosniff
server: cafe
age: 64810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8698539365504761701
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Mar 2024 23:24:16 GMT

GET
H3 200 AGSKWxVdlr3yLG7prEf4ucZvRziDAtdpf0jBAFZlxHPKCLAqTb_5DS7AJ_n7iT8RYaavhQb3X-nG7rJWp_i1sPMv7V8RDpQjcTdoiQP4eXGIQxNQLVekuWe6_oRw5VvhOindacVmAx6XNg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 66ms
66ms Script
application/javascript 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVdlr3yLG7prEf4ucZvRziDAtdpf0jBAFZlxHPKCLAqTb_5DS7AJ_n7iT8RYaavhQb3X-nG7rJWp_i1sPMv7V8RDpQjcTdoiQP4eXGIQxNQLVekuWe6_oRw5VvhOindacVmAx6XNg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTUzODY2LDkyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZ2JoYWNrZXJzLmNvbS9oYWNrZXJzLWV4cGxvaXRpbmctbGludXgtcHJpdmlsZWdlLWVzY2FsYXRpb24tZmxhdy8iLG51bGwsW1s4LCJSVXJaQmprQU9SayJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

cc26bcdb45c5477d27d9a242e920c612ef7ee9f7b123993b1e7e0ea3d197420a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DC24UgTgsi7tqrlsgUe9YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-DC24UgTgsi7tqrlsgUe9YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6a1zddNYCIOZbN53VcP101i1nprPuAeKY59NZU4B4MesM1tVAPCVwBuscIHZKn8EaAsSfM2ew_gbistvnWOuAWFjuPKs0EAvxcJza3LKOTWDG8RUXmAE-tVFa"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4BED 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26f9361658996433b85b0c6e19f62dd5bee557c4adf357a8c2777bd558feccd5

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame E69D 0
234 B 143ms
45ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ls97c27b&c=4406108212461&slotId=2203054106230.5&qqid=CPad5t3blIQDFYUGTwgdWI8PFw&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bc7f7aad4239fe322274bd94f062aab7.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mqdefault.jpg
i1.ytimg.com/vi/iRDcaY9LaI8/ Frame E69D 10 KB
11 KB 168ms
91ms Image
image/jpeg 172.253.122.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/iRDcaY9LaI8/mqdefault.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f139.1e100.net

Software

sffe /

Resource Hash

b1840fc0cfeb4d664ad494add82f7f4fc1c45c852a375834db47c0d1ba49d19b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:27 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10498
x-xss-protection: 0
server: sffe
etag: "1689964530"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Feb 2024 19:24:27 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4BED 21 KB
21 KB 32ms
32ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 07:38:40 GMT
x-content-type-options: nosniff
age: 35147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 07:38:40 GMT

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-ab5l6nk6.googlevideo.com/ Frame E69D 856 KB
856 KB 84ms
28ms Media
video/mp4 74.125.0.135
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-ab5l6nk6.googlevideo.com/videoplayback?expire=1707182666&ei=yhnBZfK6D4m0y_sP3LKfyAw&ip=185.193.64.57&id=8910dc698f4b688f&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=De&mm=31&mn=sn-ab5l6nk6&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=16.671&lmt=1699459091256254&mt=1707153666&cpn=kuqzcjPWskkIJlwv&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRQIhAMvZ-qjoCNIf-IslK-baYfXkmfNlGmNgm54FFFeXPKO6AiBhq5esGtjMcuBrfV17ZKGTh58SXtbN-AuyGqLbIR_R6w==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRgIhALbzBFsK79Acmt0zLSrOOggPh24bvcQFrPgsksL5AbfiAiEApTDa9aibAix3yfx9BziyKFZ76Rps4Jf48tFaNjISp9Y=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.0.135 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s75-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

d5f5733f89f35abbee3368b4d72b28ad60a628e236452479feeec3444acb6695

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 05 Feb 2024 17:24:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 08 Nov 2023 15:58:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-876201/876202
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 876202
Expires: Mon, 05 Feb 2024 17:24:27 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4BED
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CorYgyRnBZbiVGYWNvPIP2J6-uAGukY3ddePaz_qWErnu8MiqARABIIqq9kJg_eiigfADoAGhwJjxKMgBCagDAcgDywSqBLACT9D4woeowMfP9hNbwvvekGJ24Wdi5GnVz3wkDyuBxSa3GCp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x804bbe4b7674e21a0000000000000000%22,%222%22:%220x91d26f93e99141630000000000000000%22,%223%22:%220xb44fd7...

0
0

155ms
88ms

Fetch
text/css

142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x804bbe4b7674e21a0000000000000000%22,%222%22:%220x91d26f93e99141630000000000000000%22,%223%22:%220xb44fd79da95ea1a10000000000000000%22,%224%22:%220x2cf4a524323d8b3f0000000000000000%22,%225%22:%220x531c4f15b456db6b0000000000000000%22},%22debug_key%22:%227491419296154664116%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225433924358560222657%22}&andc=true

Protocol

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x804bbe4b7674e21a0000000000000000","2":"0x91d26f93e99141630000000000000000","3":"0xb44fd79da95ea1a10000000000000000","4":"0x2cf4a524323d8b3f0000000000000000","5":"0x531c4f15b456db6b0000000000000000"},"debug_key":"7491419296154664116","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"5433924358560222657"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Feb 2024 17:24:27 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 17:24:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x804bbe4b7674e21a0000000000000000","2":"0x91d26f93e99141630000000000000000","3":"0xb44fd79da95ea1a10000000000000000","4":"0x2cf4a524323d8b3f0000000000000000","5":"0x531c4f15b456db6b0000000000000000"},"debug_key":"7491419296154664116","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"5433924358560222657"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 2840 51 KB
19 KB 34ms
33ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: gbhackers.com
URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 426585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 18:54:42 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 152ms
87ms Preflight
text/html 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 17:24:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame B88D 51 KB
19 KB 33ms
32ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 426585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 18:54:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E25B 4 KB
632 B 44ms
43ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5372786174760228&output=html&h=280&adk=1606071286&adf=430874041&pi=t.aa~a.1711906059~i.14~rp.4&w=702&fwrn=4&fwrnh=100&lmt=1707153866&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9720455393&ad_type=text_image&format=702x280&url=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=176&rw=702&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707153866552&bpp=2&bdt=1813&idt=-M&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6827351143638&frm=20&pv=1&ga_vid=1967591128.1707153865&ga_sid=1707153865&ga_hid=1628165602&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42532523%2C44809005%2C44809530%2C31080825%2C95321957%2C95324155%2C95324161%2C95324266&oid=2&pvsid=2104204338625840&tmod=841211714&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=115

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 17:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 15:54:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 17:24:27 GMT

GET
H3 200 adiframetop. Show response
fundingchoicesmessages.google.com/f/AGSKWxWkunWq7Bty18DmLodkL_oCclIbTJz8hEan0ekp8YKdMr7AB3qzEPutkCKfrqOCvl00GwPrMQrkeT-3i0UoCg0qCkpIe_p4LteltQBxpUAM_zhB3GEiF7VGI9GBfWNcG2jVIhoL0icfr3xgiBpzIRVdODkKZ... 54 B
110 B 64ms
63ms Script
application/javascript 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkunWq7Bty18DmLodkL_oCclIbTJz8hEan0ekp8YKdMr7AB3qzEPutkCKfrqOCvl00GwPrMQrkeT-3i0UoCg0qCkpIe_p4LteltQBxpUAM_zhB3GEiF7VGI9GBfWNcG2jVIhoL0icfr3xgiBpzIRVdODkKZOiwk80nIv2d7NIe_wWxqSdzE1FrOOg2/_/adiframetop.?wpproads--load-ads.-ad2._120_600.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RUrZBjkAORk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxOHLYb6NgJOIaPTH6d9W4NVL5YRw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

9cc6b1b4d88116073306ad5148bcf012c713c589c04e1b991a9035676dcd3296

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-reTmeeAF9hbGR0lTGg-09w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-reTmeeAF9hbGR0lTGg-09w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6a1zddNYCIOZbN53VcP101i1nprPuAeKY59NZU4B4MesM1tVAPCVwBuscIHZKn8EaAsSfM2ew_gbistvnWOuAWFjuPKs0EAvxcJze3LKOTaDh6aIZzABDcFEq"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 61ms
60ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

460b4ad2ef98c1b9b54dee09e81194927c3c7207460d07ac1b34e82ddcb7fd51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51390
x-xss-protection: 0
server: cafe
etag: 2293954743965599674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 05 Feb 2024 17:24:27 GMT

POST
H3 204 AGSKWxWMMfBnAIwkAlX_rG3_1FGLAu7Qk0gNcgk5wgRZz-rZwWSKPUyrMWPx2g9N2HVOvySIwgRvKt-P_az58QoGPTsGYfwVHL6SNwxuNI1CZ1d_d9p7R38IbU43x9bF2FyY63d4I1C8hQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 116ms
51ms XHR
text/html 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMMfBnAIwkAlX_rG3_1FGLAu7Qk0gNcgk5wgRZz-rZwWSKPUyrMWPx2g9N2HVOvySIwgRvKt-P_az58QoGPTsGYfwVHL6SNwxuNI1CZ1d_d9p7R38IbU43x9bF2FyY63d4I1C8hQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VPYF4xRC78ikKM-JDcxwAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 17:24:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VPYF4xRC78ikKM-JDcxwAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcJze3LKOTWDHrb9bmQHqWCLm"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gbhackers.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame E25B 2 KB
822 B 33ms
32ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 08:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 08:36:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame E25B 23 KB
9 KB 33ms
32ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 00:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 00:21:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame E25B 3 KB
1 KB 33ms
33ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 08:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 08:10:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BD66 1 KB
643 B 35ms
32ms Document
text/html 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 9084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 14:53:03 GMT
etag: 48472445140208031
expires: Tue, 06 Feb 2024 14:53:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame E25B 20 KB
8 KB 32ms
32ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 15:45:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E25B 0
0 52ms
49ms Image
text/html 172.253.115.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8dNy3IbGwCemK7Cq3nBVKD-KMvj3gpH_O3aXYiQQ1PEtSyy6JTQi5c_K-ktCihoRb7uEofsPG7Aa3WgosYEo2Siljng
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5372786174760228&output=html&h=280&adk=1606071286&adf=430874041&pi=t.aa~a.1711906059~i.14~rp.4&w=702&fwrn=4&fwrnh=100&lmt=1707153866&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9720455393&ad_type=text_image&format=702x280&url=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rh=176&rw=702&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707153866552&bpp=2&bdt=1813&idt=-M&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6827351143638&frm=20&pv=1&ga_vid=1967591128.1707153865&ga_sid=1707153865&ga_hid=1628165602&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C42532523%2C44809005%2C44809530%2C31080825%2C95321957%2C95324155%2C95324161%2C95324266&oid=2&pvsid=2104204338625840&tmod=841211714&uas=0&nvt=2&ref=https%3A%2F%2Fgbhackers.com%2Fhackers-exploiting-linux-privilege-escalation-flaw%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.115.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f105.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E25B 205 KB
62 KB 35ms
33ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:19:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 18:19:58 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame E25B 37 KB
15 KB 34ms
32ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 13:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 13:09:34 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E25B 45 KB
45 KB 40ms
36ms Image
image/jpeg 172.253.122.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTj7hH9pMzdAj6UVA4t6FY3c88NRIkvF4hDZF0V59u_q8c3Y_VXkzOhexNf524&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f113.1e100.net

Software

sffe /

Resource Hash

e166d7455768ebd8035cc264787c07f1d83f66460c8a72282b257291fa7d6029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 18:11:45 GMT
x-content-type-options: nosniff
age: 169962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45627
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 01:22:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 02 Feb 2025 18:11:45 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E25B 24 KB
24 KB 43ms
40ms Image
image/jpeg 142.250.31.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSvP0twukXJ6MrqDFEhIoLwtz2YYbOSZavoCELzOldqBDOLb779wSSJJVFKkaE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.102 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f102.1e100.net

Software

sffe /

Resource Hash

c9838fd134535cb0ecefeff3c961124b177b26237ca298f6422ce5ae8efdeb0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:32:11 GMT
x-content-type-options: nosniff
age: 6736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24839
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 10:12:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Feb 2025 15:32:11 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E25B 15 KB
15 KB 33ms
31ms Image
image/jpeg 172.253.122.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRRgUhTeKZ0q7HBZ4oixLN8zFm6iO75oDu4roIJ2BZ4HgiVyx9ht3SibejNmA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f113.1e100.net

Software

sffe /

Resource Hash

81d76fcdf0d55900823bb819c83102bb12f01ff1a69f8fb28b011d4fe36b9876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 13:03:34 GMT
x-content-type-options: nosniff
age: 361253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15215
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 09:17:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 31 Jan 2025 13:03:34 GMT

GET
H3

200

8698539365504761701
tpc.googlesyndication.com/simgad/ Frame E25B
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODqg_3XQRCwCRiwCTIIkmDQmvwj6IE
https://tpc.googlesyndication.com/simgad/8698539365504761701

77 KB
77 KB

33ms
32ms

Image
image/png

142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8698539365504761701

Requested by

Protocol

Server

142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Sun, 02 Feb 2025 18:08:00 GMT
date: Sat, 03 Feb 2024 18:08:00 GMT
x-content-type-options: nosniff
age: 170187
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 12:31:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Sun, 04 Feb 2024 23:24:16 GMT
x-content-type-options: nosniff
server: cafe
age: 64811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8698539365504761701
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Mar 2024 23:24:16 GMT

GET
DATA 200
OK truncated
/ Frame E25B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd4f05dd39c287aa86804cbfc1426f4e085d4b06c8880ec8a83f7d73e0fd32b9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BD66
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELOrNGF4rsmB2zRhUyEC4L8&google_cver=1&google_push=AXcoOmSgX9X4-1g3UVLSWqP2j3B2W3loXtoWYMOcfyd1rnap6S_kZ1IROaFlH3Ixi6TMeC0C0KiSXKpxXKIbHhutN2pHXzLCV88QJEH2
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTIxNTY1OTg3NDU4MTk2NDUzNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELOrNGF4rsmB2zRhUyEC4L8&google_cver=1

43 B
398 B

147ms
51ms

Image
image/gif

50.116.194.21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELOrNGF4rsmB2zRhUyEC4L8&google_cver=1
Protocol: H2
Server: 50.116.194.21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS: presentation-atl1.turn.com
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Feb 2024 17:24:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELOrNGF4rsmB2zRhUyEC4L8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BD66
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIVy2Lr1ZuV2YTllKfQQGpU&google_cver=1&google_push=AXcoOmQPddxBkKRgLUjrVpEk3_wiQZUvKMvnn8Ind92WrlTaHSayepXMT4MVo2RhoWj79P3bCL27tw9mfIimHAaIPJk1HqqUVchkNhl-
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11EBE8E2B1A64B8B92292226676F7C09&google_push=AXcoOmQPddxBkKRgLUjrVpEk3_wiQZUvKMvnn8Ind92WrlTaHSayepXMT4MVo2RhoWj79P3bCL27tw9mfIimHAa...

170 B
232 B

49ms
49ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11EBE8E2B1A64B8B92292226676F7C09&google_push=AXcoOmQPddxBkKRgLUjrVpEk3_wiQZUvKMvnn8Ind92WrlTaHSayepXMT4MVo2RhoWj79P3bCL27tw9mfIimHAaIPJk1HqqUVchkNhl-

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Feb 2024 17:24:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11EBE8E2B1A64B8B92292226676F7C09&google_push=AXcoOmQPddxBkKRgLUjrVpEk3_wiQZUvKMvnn8Ind92WrlTaHSayepXMT4MVo2RhoWj79P3bCL27tw9mfIimHAaIPJk1HqqUVchkNhl-
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 04 Feb 2024 17:24:27 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BD66
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIGi9GBlb6xHGJASAh6VKD4&google_cver=1&google_push=AXcoOmSN3Py22gl6K7JaU0tVfd_6FI0ABFLYQ05cJ8GTtnuq-SUFxgZ3asu-lgWpBaRMjkyX6cJ0l...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSN3Py22gl6K7JaU0tVfd_6FI0ABFLYQ05cJ8GTtnuq-SUFxgZ3asu-lgWpBaRMjkyX6cJ0lRTF5dszVPqeHkPrKtSzldTjGpTF

170 B
329 B

48ms
47ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSN3Py22gl6K7JaU0tVfd_6FI0ABFLYQ05cJ8GTtnuq-SUFxgZ3asu-lgWpBaRMjkyX6cJ0lRTF5dszVPqeHkPrKtSzldTjGpTF

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Feb 2024 17:24:27 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5340BAF96BDC4698B11B15BB029A78DC Ref B: YMQ01EDGE0313 Ref C: 2024-02-05T17:24:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSN3Py22gl6K7JaU0tVfd_6FI0ABFLYQ05cJ8GTtnuq-SUFxgZ3asu-lgWpBaRMjkyX6cJ0lRTF5dszVPqeHkPrKtSzldTjGpTF
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQpbvf7dmM78H1BXgjnw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD66
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEPpciaWYh58R1moMMdJzEeA&google_cver=1&google_push=AXcoOmSh3jn62Po6-FshBxeAHwTJWKtfXcJrgZrVsPad0GSbE9H3ZezKqCb-wLRgZyzwbfgnruQJ9TScoTmt0Xm3LBHGNKwGnRac91gm
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WGtoaEZDMmFDVnFNWnB5RHpCbkJaUQ%3D%3D&google_push=AXcoOmSh3jn62Po6-FshBxeAHwTJWKtfXcJrgZrVsPad0GSbE9H3ZezKqCb-wLRgZyzwbfgnruQJ9TScoTmt0...

170 B
188 B

48ms
48ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WGtoaEZDMmFDVnFNWnB5RHpCbkJaUQ%3D%3D&google_push=AXcoOmSh3jn62Po6-FshBxeAHwTJWKtfXcJrgZrVsPad0GSbE9H3ZezKqCb-wLRgZyzwbfgnruQJ9TScoTmt0Xm3LBHGNKwGnRac91gm

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Feb 2024 17:24:28 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WGtoaEZDMmFDVnFNWnB5RHpCbkJaUQ%3D%3D&google_push=AXcoOmSh3jn62Po6-FshBxeAHwTJWKtfXcJrgZrVsPad0GSbE9H3ZezKqCb-wLRgZyzwbfgnruQJ9TScoTmt0Xm3LBHGNKwGnRac91gm
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 247

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame BD66 43 B
363 B 98ms
32ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT8sBoILi0GScKmcSzV6x6Axvlbg4mg6_MFchFaE94bUE61r7nFG7cyKCO8o9iMFokl0t6h3Cfp5AfKYidEZMkSeO6pRa8Mf4U&google_gid=CAESELE9D2CwqA44tKzKj-J4g5g&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:27 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 516523
expires: Mon, 05 Feb 2024 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BD66
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECb-mkZb6zpXVzyXcxpsI5I&google_cver=1&google_push=AXcoOmTcNcUqjJJQGNpV8xBeHX3NHg6DJsJHZTvZsbsJ58hwhtvs10MjFn7aGQn9iSrk3qcRr1ZcwprJ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECb-mkZb6zpXVzyXcxpsI5I&google_cver=1&google_push=AXcoOmTcNcUqjJJQGNpV8xBeHX3NHg6DJsJHZTvZsbsJ58hwhtvs10MjFn7aGQn9iSrk3qcRr1Z...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQyNTc0OTE2OTMwMTg4MjUwMQ&google_push=AXcoOmTcNcUqjJJQGNpV8xBeHX3NHg6DJsJHZTvZsbsJ58hwhtvs10MjFn7aGQn9iSrk3qcRr1Zcwp...

170 B
232 B

48ms
47ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQyNTc0OTE2OTMwMTg4MjUwMQ&google_push=AXcoOmTcNcUqjJJQGNpV8xBeHX3NHg6DJsJHZTvZsbsJ58hwhtvs10MjFn7aGQn9iSrk3qcRr1ZcwprJrXlMX8zLtBjlOmzT-YVfbe8J

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQyNTc0OTE2OTMwMTg4MjUwMQ&google_push=AXcoOmTcNcUqjJJQGNpV8xBeHX3NHg6DJsJHZTvZsbsJ58hwhtvs10MjFn7aGQn9iSrk3qcRr1ZcwprJrXlMX8zLtBjlOmzT-YVfbe8J
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

cm
ams.creativecdn.com/adx/ Frame BD66
Redirect Chain

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEENpOXQhpvCAWOL3vUvK7C0&google_cver=1&google_push=AXcoOmSiPDZhGS4xM6QVP4t62J21SVTEUpczyBNn6GjwtIvvWKROddwF9DHXTaBXd2_jrhKproEuqqDepOXhePR42...
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEENpOXQhpvCAWOL3vUvK7C0&google_cver=1&google_push=AXcoOmSiPDZhGS4xM6QVP4t62J21SVTEUpczyBNn6GjwtIvvWKROddwF9DHXTaBXd2_jrhKproEuqqDepOXhePR42...
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=2isVxo51js7LV-47ey4EhG-IlbKBy2gdBVOhxrQ52dI&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEENpOXQhpvCAWOL3vUvK7C0&googl...
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
https://ams.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5

42 B
243 B

103ms
102ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Feb 2024 17:24:28 GMT, Mon, 05 Feb 2024 17:24:28 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ams.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
date: Mon, 05 Feb 2024 17:24:28 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BD66 0
130 B 113ms
45ms Image
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjincGx_HMwznAY65LDo5WePop6fyKp48fe5IP4cV8VQEgad3_FZu_tiFUZCob2U1FTizMnQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMMfBnAIwkAlX_rG3_1FGLAu7Qk0gNcgk5wgRZz-rZwWSKPUyrMWPx2g9N2HVOvySIwgRvKt-P_az58QoGPTsGYfwVHL6SNwxuNI1CZ1d_d9p7R38IbU43x9bF2FyY63d4I1C8hQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_aZATYfjYdyOQnRVBdMWig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 17:24:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_aZATYfjYdyOQnRVBdMWig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcJze3LKOTeDBpZPnmQHsnCLy"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gbhackers.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMMfBnAIwkAlX_rG3_1FGLAu7Qk0gNcgk5wgRZz-rZwWSKPUyrMWPx2g9N2HVOvySIwgRvKt-P_az58QoGPTsGYfwVHL6SNwxuNI1CZ1d_d9p7R38IbU43x9bF2FyY63d4I1C8hQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ds-9ujmi7HdZoshWoQHYwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 17:24:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ds-9ujmi7HdZoshWoQHYwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcJze3LKOTeDHxjdXmAHsrSMQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gbhackers.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMMfBnAIwkAlX_rG3_1FGLAu7Qk0gNcgk5wgRZz-rZwWSKPUyrMWPx2g9N2HVOvySIwgRvKt-P_az58QoGPTsGYfwVHL6SNwxuNI1CZ1d_d9p7R38IbU43x9bF2FyY63d4I1C8hQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UacZxT3R6rAgIYqgYIGWAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 17:24:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-UacZxT3R6rAgIYqgYIGWAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcJze3LKOTeDAmdarzADr0CKQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gbhackers.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWxE6L0_fF_uQyaEPH0U2suqcto_lLWHkJDXGO_biotmrV73x4kzSzq7hJ9oH9W4PWIOONPuiNs59hEl_lwv56S8iuaSTq5UxrdcCty4kMfvmu_NcTYDwLFPFzf7wRPpY_91dVUMA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
71ms Script
application/javascript 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWxE6L0_fF_uQyaEPH0U2suqcto_lLWHkJDXGO_biotmrV73x4kzSzq7hJ9oH9W4PWIOONPuiNs59hEl_lwv56S8iuaSTq5UxrdcCty4kMfvmu_NcTYDwLFPFzf7wRPpY_91dVUMA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTUzODY3LDk1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9nYmhhY2tlcnMuY29tL2hhY2tlcnMtZXhwbG9pdGluZy1saW51eC1wcml2aWxlZ2UtZXNjYWxhdGlvbi1mbGF3LyIsbnVsbCxbWzgsIlJVclpCamtBT1JrIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

b46efb6afcdc0f88f1085ff5e83aae54b0d15fdf98489a4796f9f9378a2eaee1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iC6NOjYkWbAmUy73kAM-ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gbhackers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-iC6NOjYkWbAmUy73kAM-ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6a1zddNYCIOZbN53VcP101i1nprPuAeKY59NZU4B4MesM1tVAPCVwBuscIHZKn8EaAsSfM2ew_gbistvnWOuAWFjuPKs0EAtxc5zZ3LKOTaBjXgMjAPXQUDY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E25B 0
20 B 92ms
92ms Ping
image/gif 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20240131&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/load_preloaded_resource_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame E25B 21 KB
21 KB 32ms
32ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 07:38:40 GMT
x-content-type-options: nosniff
age: 35147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 07:38:40 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame E25B 20 KB
20 KB 38ms
36ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:28:58 GMT
x-content-type-options: nosniff
age: 374129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:28:58 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E25B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CP5N1yhnBZc2_K_vGvPIPpcy3oA-ukY3ddePaz_qWErnu8MiqARABIIqq9kJg_eiigfADoAGhwJjxKMgBCagDAcgDywSqBLgCT9A8AH6ZK1sM-cmDRcEE7XIEo12dfSLfaD4a3F7okMRsNWw...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x804bbe4b7674e21a0000000000000000%22,%222%22:%220x91d26f93e99141630000000000000000%22,%223%22:%220xb44fd7...

0
0

100ms
99ms

Fetch
text/css

142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x804bbe4b7674e21a0000000000000000%22,%222%22:%220x91d26f93e99141630000000000000000%22,%223%22:%220xb44fd79da95ea1a10000000000000000%22,%224%22:%220x2cf4a524323d8b3f0000000000000000%22,%225%22:%220x531c4f15b456db6b0000000000000000%22},%22debug_key%22:%2216014411165118801108%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227901755299727304673%22}&andc=true

Protocol

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:24:28 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x804bbe4b7674e21a0000000000000000","2":"0x91d26f93e99141630000000000000000","3":"0xb44fd79da95ea1a10000000000000000","4":"0x2cf4a524323d8b3f0000000000000000","5":"0x531c4f15b456db6b0000000000000000"},"debug_key":"16014411165118801108","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"7901755299727304673"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Feb 2024 17:24:28 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 17:24:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x804bbe4b7674e21a0000000000000000","2":"0x91d26f93e99141630000000000000000","3":"0xb44fd79da95ea1a10000000000000000","4":"0x2cf4a524323d8b3f0000000000000000","5":"0x531c4f15b456db6b0000000000000000"},"debug_key":"16014411165118801108","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"7901755299727304673"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame B355 51 KB
19 KB 32ms
32ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 426586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 18:54:42 GMT

POST
H3 204 AGSKWxX2M0QXE5ZZ2vWCBNrWp2Ou4B6qrFQRR770hRmRWH4JIFwRID_qRH_o58udBvV7h931-AL2lMO1aNPgLjcqnnDVn2GmIQyOq8XF0vTOVGY_q9xPUkMgxDcozC4gve8kgmBlkfLsaQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 57ms
56ms XHR
text/html 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX2M0QXE5ZZ2vWCBNrWp2Ou4B6qrFQRR770hRmRWH4JIFwRID_qRH_o58udBvV7h931-AL2lMO1aNPgLjcqnnDVn2GmIQyOq8XF0vTOVGY_q9xPUkMgxDcozC4gve8kgmBlkfLsaQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_cWgZ5jiJVV9SoPK7D79xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 17:24:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_cWgZ5jiJVV9SoPK7D79xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAtxc5zZ3LKOTeDEzdlKAMf_IgI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gbhackers.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMMfBnAIwkAlX_rG3_1FGLAu7Qk0gNcgk5wgRZz-rZwWSKPUyrMWPx2g9N2HVOvySIwgRvKt-P_az58QoGPTsGYfwVHL6SNwxuNI1CZ1d_d9p7R38IbU43x9bF2FyY63d4I1C8hQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3Cr1gCiEvE1s0dzEmt1xZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbhackers.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 17:24:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-3Cr1gCiEvE1s0dzEmt1xZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAtxc5zZ3LKOTeDD-y3yAMe8IlI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gbhackers.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 88ms
87ms Preflight
text/html 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x804bbe4b7674e21a0000000000000000%22,%222%22:%220x91d26f93e99141630000000000000000%22,%223%22:%220xb44fd79da95ea1a10000000000000000%22,%224%22:%220x2cf4a524323d8b3f0000000000000000%22,%225%22:%220x531c4f15b456db6b0000000000000000%22},%22debug_key%22:%2216014411165118801108%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227901755299727304673%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 17:24:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4BED 42 B
64 B 96ms
96ms Fetch
image/gif 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDGb1ugEQcDVFMP2c3RW2xFWFsGnUjgQfrkTAMkekytb15GKoMp8mcsW_5uSUtLYi90tnNnkfz6DANg9gqzceuMHFWx1QsLXSQhrEKgYGZOLzZ4knknfoyA9J-gQlYxdR5rxFRpTh4Awn9dZkVDBQzqqr5&sai=AMfl-YQaoic9TsqBkjOuud6dElv97DdW4GW8qxx1cDk50B2wLvXXvQjlkBguQydRi4SSj_qKibdRLDSgIxJLUDQOr569uo7-OisakT3UllarMZ0_eTzOMg3Ln0hQeJJl0JepRy1iT_O_kd8aQ0jnDlR6&sig=Cg0ArKJSzGxCsC_LFEZuEAE&cid=CAQSTgAvHhf_uHtqqfZqzsvhIPJKdRyob3N7DZVpnbA2CQo0Y1O1lFrp7QGpJZSdJOBgLEuGNt_78gOeugq9CFUOk1dIAaCVhf3CQme-7zTxURgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=181,863,1001,1001,1001&tos=181,682,138,0,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=308666600&rst=1707153866752&rpt=386&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E69D 0
54 B 45ms
44ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ls97c27j&c=4406108212461&slotId=2203054106230.5&qqid=CPad5t3blIQDFYUGTwgdWI8PFw&umsem=0&ple=1&ape=1&met.4=vfl.ls97c2e2~vil.ls97c2ee
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bc7f7aad4239fe322274bd94f062aab7.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 17:24:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: staging.gbhackers.com
URL: https://staging.gbhackers.com/wp-content/uploads/2023/08/2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2e3UhFjK6kw096Xrt8MoJYffOOHdoQvN8fZL5YkegZxCPAWLieu5mAfk1OX-vOAJfrqS_ub7892zyU-4kJoKlbpsWTeQcPZsSEpaDPn3nQMx1jdbolvIO6eMEhduZwxMD7fQ2v5XL3xNedgYB-XvBZCX7inRa4V8GO86YaAOoS2wiuSnEAlp4HFgpyH5g/s1600/Hackers%20Actively%20Exploiting%20Linux%20Privilege%20Escalation%20Flaw%20to%20Attack%20Cloud%20Environments.webp

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggxrET8rL53qWvxNg0ojgbDwhKZUmlLqGRzzfXePO67o4NYLh0rAXrh94aQcN0k8EB1cge5SlSrZ42GgQgjwsxqYAEkfzyYPTOtaQzOjdx4grNJfxFnnp7ei-h6DN35p1Jx3I6LKIO33fXMa31b1WDSmqshyN3cEpkEprhl3kNt-zagtkffvumEVFf4tkD/s16000/gbhackers-waf-banner-300x600.png

Domain: staging.gbhackers.com
URL: https://staging.gbhackers.com/wp-content/uploads/2023/08/2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg

Domain: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=13218263&counter=bottom&xdOrigin=https%3A%2F%2Fgbhackers.com&xdChannel=86caf750-1801-498b-ba95-2a1b5ebb5123&xd_origin_host=https%3A%2F%2Fgbhackers.com

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gbhackers.com/	1970-01-20 18:15:26	Name: _lscache_vary Value: 9e59cab51106babe21d610b1d21d0b3a
.gbhackers.com/	1970-01-21 02:58:09	Name: cf_clearance Value: 5BUKJmukj4qlI.TNDyYn8_wI8rvkZR468mE4Tj6P1kk-1707153864-1-AbP4adl/iYFv9s39AlofKJ/m+j2YkRZsjylyaAxhM4L6BTX6emtW8dZAQasANLJ323nQpg29OZV9FotGgqMawvY=
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-21 02:58:09	Name: bcookie Value: "v=2&99130983-9dd0-4cb0-8d07-7a1b8489cb97"
.www.linkedin.com/	1970-01-21 02:58:09	Name: bscookie Value: "v=1&202402051724256684b9c9-0820-4228-8a37-305e0384d1c1AQGaVvfJyW7car-KWBlrxJOrHJ89MvxI"
.linkedin.com/	1970-01-20 18:14:00	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3187:u=1:x=1:i=1707153865:t=1707240265:v=2:sig=AQGlRRFon6jWLjJHX89f7aUuiaYqU91Y"
.www.linkedin.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: ajax:1538559766082836317
.gbhackers.com/	1970-01-21 03:34:09	Name: __gads Value: ID=2b0d3e865991fe58:T=1707153865:RT=1707153865:S=ALNI_MZY41WfvDETAL4nMww04cjupGETOw
.gbhackers.com/	1970-01-21 03:34:09	Name: __gpi Value: UID=00000a0b8ebe44ec:T=1707153865:RT=1707153865:S=ALNI_MZObBBq2zGSmSbp-8KfUltphiiV9A
.gbhackers.com/	1970-01-20 22:31:45	Name: __eoi Value: ID=52252ab16cd8042a:T=1707153865:RT=1707153865:S=AA-AfjZpMm4dh8YoUUGgSungn_AC
.googleadservices.com/	1970-01-20 20:22:09	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 03:48:33	Name: IDE Value: AHWqTUmVwAXmDP46Icnf8WDxKDS2NqQAI9X4jLG0u8skNZr7IRZ-Od4cmd5FRaAb90Y
.simpli.fi/	1970-01-21 02:59:36	Name: suid Value: 11EBE8E2B1A64B8B92292226676F7C09
.adform.net/	1970-01-20 18:54:19	Name: C Value: 1
.gbhackers.com/	1970-01-21 02:58:09	Name: FCNEC Value: %5B%5B%22AKsRol9khVY6qOy4iYEet5To8kqdmS9yxiMjp_F9WdBMfgon0IjrByRdTHeA7NJbnmXPiGvgqtEGT73p6X19FoMfQSU8EZGSpxGq2lG09C9dKe0onrusiswUCCduLjyavT7EqMv--0iXCogW62jrqiSUYd41btjBMQ%3D%3D%22%5D%5D
.adform.net/	1970-01-20 19:38:57	Name: uid Value: 6425749169301882501
.creativecdn.com/	1970-01-21 02:58:09	Name: g Value: WBXNGmnuHTq6IwQGT7vk_1707153868153
.creativecdn.com/	1970-01-21 02:58:09	Name: ts Value: 1707153868
.turn.com/	1970-01-20 22:31:45	Name: uid Value: 9215659874581964536
.c.appier.net/	1970-01-21 02:58:09	Name: _auid Value: XkhhFC2aCVqMZpyDzBnBZQ
.c.appier.net/	1970-01-20 18:55:45	Name: _gu Value: CAESEPpciaWYh58R1moMMdJzEeA

57 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://staging.gbhackers.com/wp-content/uploads/2023/08/2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://staging.gbhackers.com/wp-content/uploads/2023/08/2020072771408f81-31a7-403e-59dd-d687f193fc7d.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gbhackers.com/hackers-exploiting-linux-privilege-escalation-flaw/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
ad.turn.com
ams.creativecdn.com
blogger.googleusercontent.com
c1.adform.net
cm.creativecdn.com
cm.g.doubleclick.net
creativecdn.com
csi.gstatic.com
dis.criteo.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gbhackers.com
googleads.g.doubleclick.net
i1.ytimg.com
pagead2.googlesyndication.com
pixel.wp.com
platform.linkedin.com
px.ads.linkedin.com
r.turn.com
rr2---sn-ab5l6nk6.googlevideo.com
staging.gbhackers.com
static.licdn.com
stats.wp.com
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googleadservices.com
www.gstatic.com
www.linkedin.com
blogger.googleusercontent.com
staging.gbhackers.com
www.linkedin.com
104.21.34.223
13.107.42.14
142.250.31.102
142.250.31.132
142.251.163.155
142.251.163.94
142.251.167.157
142.251.167.95
152.199.24.163
152.199.5.152
172.105.213.147
172.253.115.105
172.253.115.156
172.253.115.94
172.253.122.100
172.253.122.113
172.253.122.139
172.253.62.102
172.253.62.132
172.253.63.102
172.253.63.154
185.167.164.52
185.184.10.30
185.184.8.90
192.0.76.3
216.239.32.3
34.150.170.96
50.116.194.21
74.119.119.150
74.125.0.135
0013ab49ce6bce3ffcb7100f9f9351a3847be2be13eb6aad6f2826a543ad34f5
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
029933e9acffa3d306253574c7f69ca044b74f625bac6392b06e2dc84a0358bd
046717d70366ca33bb3789d121ca3e84583e66c783b6dd879da77994cc77a16d
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0a04a6b477324ec10bc1322c568e6fe5d061ae803e1db827e38d05ca2e604f1c
0b17e07b3111c0378867cf2f79a0f7c0f348afdc4288de08a7b2b63663eef207
0b26b0225d7bf884e8a9429959b5cf63e31e5e7d0c9fc5a88cfcfe59671c2b6c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fc4360c0a29af7e975e2ad9dc76f951e49628535a6de8003b5675d428e353c4
126491ca5eb371eda925bbc0bfc5880354f4f0ef46fc05a53cb08e611526dde1
12caed2c3b74424afad5b326b244f89bb46e00ecda6eed633e08a2654afbbe18
15c1fa3b178d31c3daed27a4cff7b61ea8073060df1c5b3c5aed99ede66bda74
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1fcf6fe53e66f96bcb2ea0880cd46f587d94cb50ce0eeae6782c27a406ad18b1
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
233f2b2d1dc2196f93c236a30a61cbea0a794a1241fc50a85baac3720a95d65d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26f9361658996433b85b0c6e19f62dd5bee557c4adf357a8c2777bd558feccd5
275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37
2796e1361ce7a2f174509e99243965f1e0917601d10f2aead6fc7f9251019c04
2917d90e5e1d1ce32a0753b48bcadb8c98c4a2a7e0f060f3bee0d45d51373b2a
2a31a33fc31ae7a9514ac25ccd3288f9ee2fbfbbd33b07f58f694e207876bdf1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c3aca021fa7ff4be15339b000f1dff9ae500526ac6fb55b14389e3c4597a527
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d0c65d57cea07c651bd80f7165d8ec50a1c09884db8c911cc5a3a45cd46390b
2d4d1908b557d4c21b1023a4a43ed10373f89bd070d3029005572b7f41809764
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eef46dddc1cd02fd80cd4b37cffbe963ebfda495cb316937805be4595d2e112
307e1a72eca0e7c2e8a53eccc42fc2d5e7216f4be4885be44f5e7be00e628d10
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32ae247e879a3b1b2405758e18afb6c4d3b4ff120090ade83f320df4681c1ce3
340924ac682298d8171157183f263c3d23c29b099cb7a6b30569dcd86e75bf6c
36973c14c4ec99c8a2628f8e69399425dd0a55518755792533569d763b1a654e
36fa7ec483adc206a0b0ec5e6aa360d6889efffaa0655729b36513ca6aa28dec
37552f69514fecd835ff9c729be34b76f064fd722ce5bdeea316015fde5ac027
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ea33bb1565c64b033be9f6e65ebeff13d03459f6d8d3fe0568cf14913b74bcd
3fe1e827ec6e0faf05d0559b2bc49a2d2f07edb09b82e09c7adb6bff173f69d2
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4609c06d6b3f68810684ff17043090a96ca190ae3188afe1206ed2f5f62f4a77
460b4ad2ef98c1b9b54dee09e81194927c3c7207460d07ac1b34e82ddcb7fd51
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4885ee1310b7a3cecb308f62e86872f0cee6921d408977e3a1397c139e5b0b0a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d18cfa356d72232e56f78c9c1c299008a79639e5a6b63a9fa56e57f289193bf
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec2e0a9621a04369a540c5621200689817f754b76c2a86489afe64c00811b88
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5101fa4f35f9e33fae7d6df0ecba0dbf0e8805fe9d234bbf005a4fe3a9991865
53661e1472a669c228222922fbf39f8c593c539e488241b50966070b51ed9f0d
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b76ef3be622129f9c57937fcd6759c3844f0da47e254bacc5de7d563c2e95a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ce06d12476fe2c3efd8981fb2e0d1cedb9bb8a8da1c377540dae2e3e8f40aa5
5fec1a8748b07be2a01cd128a1ce84efdfc175c6e6c55c1c4b80eb44300fbb4b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64567c5e8d41579ae3c9358f526fb612045b2b0411081cca6767dc75f096cbd1
64bb36fdc546d5ea64141508b7b43fae8946731fef83a203a6643e103744aa03
64bde18d8671690f9141375afac90d608da3a4e3f55403ce2fcdab5b507006e1
7368db93c924a10e3af9e7b9428e107894f598686b83b2153439a581b3fa4176
73f5ed5132b2f16e83906cdafeb4b12d5d047e7474527c9020df0312df6ba816
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4
7d7d4f44241056aefd35b0bb8e10c33f889e865abb6378e124b5da0d9b0c6acf
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
81d76fcdf0d55900823bb819c83102bb12f01ff1a69f8fb28b011d4fe36b9876
83f7bfce8835fecb5302bfc1fe5ecca789506beaaceff69aa097629f9739221f
84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b
84c0fa68ee2db40f022744b0df40c9642364978814babe80631ee14649c57a3c
86bf766865ae129b5f6eb788f265a19bc6a1d21fb88e3289e3955e2f4f89d5f9
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8aa739bb859941d2f12e90c188858b7cf127d3c7dda07f70b171e981076b8660
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
8cd1aa3320ac7c4b14118aa9ea4d422041f089d53cb3ddbc61dbad69eb1fd12e
8cec0568b8c5294b0ae8b686b0803c9ded43d2c8bef916e8e72def00d89af188
8dc26caf0d8fc5f38e3b7768563088dafa8faf717d2f8ef6fa67f35749aae4dd
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9465d6fafd12f6f026d97e9583c5e5e7a87cf1f565b4e59da4911e7c354de5be
9681064cc0d41b9f603de6b0b6ce684bf6c448387bfd377441faf3286aead8b9
98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e
98a9871b1d3a0a44ad7e7de96d6af7a365c9c86f7524358189169ba2724ed6a4
99fda8b2abb0af6ab90ee32a785a3908a8c07a7ba29491fcef044795b0360995
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1748d8cea8b7f3eeace07cef59dfb618e116d46b2a1bd8cdab1bdbcf716590
9cb148fbeef424f88bde406f8ed5af4f0156ebb3c7373a1fe3edb34cf06396a2
9cc6b1b4d88116073306ad5148bcf012c713c589c04e1b991a9035676dcd3296
9fda5ff8910b86411087b7c4c614e66b41eea77a892c9e816840f46c5fb8e9d2
a434645a17775460704ad54d90577539689a282832d60ea857183d70366a427d
a796a7be7e1e37f36b5aa5c6a2533486fbc360e5412bf78580ea314b02f9fa5a
aca18420bb327f094672d6ec8ea12a9ef0eb947ed1015b296f44e5cc95845ae8
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adb65669c9ada12a5c7a102979d8bf26cb39baeb296e836bc06ea6f0c8ed4f4f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1840fc0cfeb4d664ad494add82f7f4fc1c45c852a375834db47c0d1ba49d19b
b46efb6afcdc0f88f1085ff5e83aae54b0d15fdf98489a4796f9f9378a2eaee1
b9bec247813fe14c962c6478d9c1e4d521be73d4261aa6e63adca81f873a5564
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbd85d9238e9e46bc45da79f2814000dd43b574f2cbcd4533bf005899b214bdd
bc915c1f3bb527c0ad9c102c5f6004c9e5a84a5ba637a76b13611e66eb6487f2
bf2defb9660abeee3ab31471e8ef505caeedae433761e78398015fff073073ef
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c9838fd134535cb0ecefeff3c961124b177b26237ca298f6422ce5ae8efdeb0f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb978b753755834b23783cb48a512f099cee571a35418efdac64ed162049617d
cc26bcdb45c5477d27d9a242e920c612ef7ee9f7b123993b1e7e0ea3d197420a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cebeb638f6380a3fa66e608729ebc1c3465ca44015908222c0722e81502261cf
d1fed9652886febb863676496730bcd839a9c435fa6f72c015c0ee171a9430d2
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d32442891dcae36d8ca84ef307be3534ec1bb25f0b72a290446e50560a877692
d5542c4510ca401b310518148c408ba1c52a97e35ac3a0dde456230b6894a6ed
d5f5733f89f35abbee3368b4d72b28ad60a628e236452479feeec3444acb6695
d7e1116c00141cde70eb79551330c376c31db0cd5df2d1cc9dd64c68ef727c3c
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
db77d20346c56fbaf9f4b750d4512a840642da768191d9c83cbc7ee56eba83d9
dd4f05dd39c287aa86804cbfc1426f4e085d4b06c8880ec8a83f7d73e0fd32b9
de8d1a36548513388d01d1beec6c499dd22220af87eb93e5ce0ce562d0ad5690
e0d49a8f03d0407fedabe49d6db487ad62e4d387c595bcf2a88b623de11fa0e1
e166d7455768ebd8035cc264787c07f1d83f66460c8a72282b257291fa7d6029
e22c46011b6b9a23b7219e2ed6a78aa06e0d6fb0c274166ecc7ba412f020b12c
e25e62add9112517afe60b0717ae615a60807a3da37223234084b694e42e723c
e308c1328ae3042d14022fdea1e3d37d7ec24a019b4612ff6eec495f8ce55749
e3474d77e56176d1b865553eee382eaeea05dd8ab5c6579d1b2412988c530506
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e4a37cd111f96d393d31dcba0f281b16903bf1a7b7c916aab33a5bdd198ae890
e4eb1181801bbf483c630b0b4ea7e478584de25bb5ebc68343f370b420f36fe8
e5688319ea093a91c367a5f64f22b2012affd2a2bf80a8e31a6f4e02c67fb1ce
e8bb46d80302efabc7c4e63a92161bf286d14ff7ae3931127fd6cd6cb4428b27
eb2427a244934b7e1f0439dd1320bfb2a899cbfb9b8fd1e4ad28b53dfe2b07be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f415830f6275ca6bdc6320ede47f22d39205a727d282f9fddcbe3ced7666c26b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5a19169357b9ffe3b21c07af6a32d873741ae7b3f9755657d9b5cde2c3b145c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdc6769a72ebf95f9891d967d25c16b60389dd84518e63a634cf1229f99012cb
fe2c455eee1ad0eba39bae086fb949347a3d3a0f2d70c8065d5c7863fbfc5c92
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

gbhackers.com Open in urlscan Pro 104.21.34.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

227 Requests

93 %HTTPS

0 %IPv6

19 Domains

35 Subdomains

27 IPs

6 Countries

13651 kBTransfer

19956 kBSize

21 Cookies

11 Outgoing links

Page URL History

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gbhackers.com Open in urlscan Pro
104.21.34.223 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

93 %
HTTPS

0 %
IPv6

19
Domains

35
Subdomains

27
IPs

6
Countries

13651 kB
Transfer

19956 kB
Size

21
Cookies

227 HTTP transactions
22 data transactions