URL: https://unsafe.sh/go-103435.html
Submission: On September 14 via manual from IN — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3032::6815:1558, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is unsafe.sh.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 20th 2022. Valid for: a year.
This is the only time unsafe.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
12 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 2001:4de0:ac1... | 20446 (STACKPATH...)
4 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
2 | 103.235.46.191 | 55967 (BAIDU Bei...)
1 | 157.148.65.35 | ()
1 | 140.82.121.5 | 36459 (GITHUB)
Total: 21 requests, 7 IPs

Requests | Apex Domain | Subdomains | Transfer
12 | unsafe.sh | unsafe.sh | 96 KB
4 | utteranc.es | utteranc.es (Cisco Umbrella Rank: 259679) | 21 KB
2 | baidu.com | hm.baidu.com (Cisco Umbrella Rank: 9514) | 12 KB
1 | github.com | api.github.com (Cisco Umbrella Rank: 4877) | 1 KB
1 | bcebos.com | 8aqnet.cdn.bcebos.com |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 918) | 30 KB
Total: 21 requests, 6 domains

Requests | Domain | Requested by
12 | unsafe.sh | unsafe.sh
4 | utteranc.es | unsafe.sh, utteranc.es
2 | hm.baidu.com | unsafe.sh
1 | api.github.com | utteranc.es
1 | 8aqnet.cdn.bcebos.com | unsafe.sh
1 | code.jquery.com | unsafe.sh
Total: 21 requests, 6 domains

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-11-20 - 2023-11-20 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
utteranc.es | E1 | 2023-09-05 - 2023-12-04 | 3 months
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 - 2024-08-06 | a year
a.bdydns.com | Baidu, Inc. DV CA | 2023-04-17 - 2024-04-27 | a year
*.github.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-16 - 2024-03-15 | a year

This page contains 2 frames:

Primary Page: https://unsafe.sh/go-103435.html
Frame ID: 1D3A868715DC903DF9D7572047C75C42
Requests: 19 HTTP requests in this frame

Frame: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-103435.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-103435&title=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&description=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&og%3Atitle=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&session=
Frame ID: FD3F42AF7D4B1A82BE62AEA15A3F7900
Requests: 5 HTTP requests in this frame

Page Title

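FreeBuf Morning Report | US says Russian hackers breached multiple Defense Department contractors; Trickbot targets customers of 60 well-known companies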

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 50 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 4
Transfer: 160 kB
Size: 552 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request go-103435.html
unsafe.sh/
23 KB
9 KB
Document
General
Full URL
https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6fa976a3bb8c3ba5bececf394c0a68b7663b55f79c7b348184a70c910311a24

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80682c00ea4368f5-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 11:08:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXyeEMbLo1b8twMtivo43DUuEgIAoUU5VGSy3tMETEeWpMZf0jeLxp78YBcxaWfxCdl5nC3haMhpUDmeGc162BnO6eBhsMSuu%2B0tHGKUSLz%2B90ZOxvAx2v4P1NRF4G4OhNhEabzK7mY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
unsafe.sh/static/dist/css/
160 KB
25 KB
Stylesheet
General
Full URL
https://unsafe.sh/static/dist/css/bootstrap.min.css
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 05:54:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL%2FtsroC2wgwc67jXdfYZ7yi1Dnq07dNPE8oqQorJ27PEA%2Fd0jzR44qK4wudMw2VfyxCrAtFz%2F6OQP0AdMFPiu136I20E0lNARSojjf%2FOLunZnM%2Fo1vUhKYJrpM4%2BSbzDUJYkjR7K3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
80682c029c1568f5-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.bundle.min.js
unsafe.sh/static/dist/js/
76 KB
24 KB
Script
General
Full URL
https://unsafe.sh/static/dist/js/bootstrap.bundle.min.js
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 05:54:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2S3x1UiPu04e38nxFG%2B%2FVJoCRH7QgkCC79fOARqBY9TpUoWpl6nAQbMHAAuJqbgBqplP6Gt24VnM4DnahxKwUBIDkeFjnVvmnY6zDcL1uLVXj5NQsx3fdiv%2BmgHbKubHNpNdMUJALc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80682c029c1b68f5-FRA
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://unsafe.sh/
Origin
https://unsafe.sh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1694689705.dop223.fr8.t,1694689705.cds325.fr8.hn,1694689705.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
content.css
unsafe.sh/static/css/
2 KB
960 B
Stylesheet
General
Full URL
https://unsafe.sh/static/css/content.css
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d869491434bb01e5ed929066e8a3bf3f2c6d6282c4649c837fed48110f399c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 05:54:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbceCe9uD7Mzx4Wg%2BorufOEtCDMR2%2BrDkLZXnLmShXWXvl10Q3ScR%2FUaFHOrZbMSJouXmSgZqA5%2F6MmbYSc6YYt3QTgJyT36YNnc8Em5mMutvffnaYVAWMzGr471A%2FpaWHexwMMSg2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
80682c029c1868f5-FRA
alt-svc
h3=":443"; ma=86400
imagebox.css
unsafe.sh/static/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://unsafe.sh/static/css/imagebox.css
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c8750264db5673b91394a4a632e848704b1dec4809c1d50ae67e089f5f1fb51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 05:54:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCakHvCjVqL3z4IeeB9UY59oidnLw3XlRbm%2FHDgVURKaw%2Fbem1OkdmoMgn5Co0Zfg5VAN%2BL1qL50CURdcQ8vzugdBteq6ZQi3uddN9a82zH4kASu5ZrHWJjuFEWSIag5pAaNxgQH0Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
80682c029c1a68f5-FRA
alt-svc
h3=":443"; ma=86400
client.js
utteranc.es/
2 KB
2 KB
Script
General
Full URL
https://utteranc.es/client.js
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36e0332898e1f23f085fb5da06939f26b2fd57e99c306e9c1f4ad3b17efcf34

Request headers

Referer
https://unsafe.sh/
Origin
https://unsafe.sh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-fastly-request-id
d81e542d39c0feb00dd40e892af6246c8ca5539e
date
Thu, 14 Sep 2023 11:08:25 GMT
via
1.1 varnish
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires
Tue, 05 Sep 2023 03:52:08 GMT
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230062-FRA
last-modified
Fri, 11 Feb 2022 15:29:47 GMT
server
cloudflare
x-github-request-id
6D3A:5266:83EA93:86D478:64F6A38C
x-timer
S1694689705.445746,VS0,VE0
etag
W/"620680eb-8d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTrkTJHtSFGiibiQaJyg8o6GsEZf900JCNNrXpHmiiTLLWSjx4YayWBLrQK6%2FGagEvwzP9vBNGZM6Cking7k%2BxjHBZmqQyAfi0bX8C8DgCiapvWR2UKjCCyekhf6XsKjkKm%2FXtwglq5lPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
80682c02f9e7697f-FRA
x-cache-hits
4
imagebox.js
unsafe.sh/static/js/
36 KB
12 KB
Script
General
Full URL
https://unsafe.sh/static/js/imagebox.js
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9adbe4058414e8c08bffc8cbe1454c422f6152c1488237d290a08ffe5f65400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 25 Dec 2022 05:53:50 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=36657
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tl9g0f5P9O83ZPYQZfCFu3Cdh%2FfyMVT%2FUVhDYhfrpkNUmR8C9UCaQjDRr%2Bk14GpcB4hc%2Bi8a5RpkEz3U%2BW2gV7qy2LGhI95QDtAA3AQ%2BBT5IqrjG1RcUzOt29A%2FqxJlq8Pn6ad6QxVo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80682c029c1e68f5-FRA
alt-svc
h3=":443"; ma=86400
js.js
unsafe.sh/static/
706 B
649 B
Script
General
Full URL
https://unsafe.sh/static/js.js?ver=1.0
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
becf4735a5cc67e08fa8d74c6f333b7d78d0cf9209e6415451435336d28495e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 25 Dec 2022 05:54:02 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1086
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZwudb3I9QtD%2B4xSD4VIirB1nPQUgYP8Xuve%2FMAAfR4ibhfu92A7ylCxLedscjrTfJj2O27672TySYWOwmh1gU9knDS2rF0N5%2FULKkpATTqfZAGMScKhKApg9zlDQTAEKtLeHceC4rU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80682c029c2a68f5-FRA
alt-svc
h3=":443"; ma=86400
solarized_dark.min.css
unsafe.sh/static/css//
1 KB
892 B
Stylesheet
General
Full URL
https://unsafe.sh/static/css//solarized_dark.min.css
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a2fe5669ce5196d02b5faa73b22225a3858a1e31422e8bb3324744f19671ecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 05:54:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2LY2b9%2Bs3EjA81Z2BsIHv6X%2FjoTGEbeMe9L1Mso9tuITBfyva4nFNeJPM24LKSTEu5T1Satuu09k5aYflGp89EOZgq4a4RGuGTELVBAUGzxzbONGmyj4eEcwibzHEt0WVQmpQMzKyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
80682c029c2568f5-FRA
alt-svc
h3=":443"; ma=86400
highlight.min.js
unsafe.sh/static/js/
41 KB
18 KB
Script
General
Full URL
https://unsafe.sh/static/js/highlight.min.js
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b54296ee0f649e3e92bbd8ceebccf8e88f6cab5bf188bd2f8f0ecd4734f94e60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 05:53:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdRkDxPtTT2%2FMimw8WMDkdKg0fgx40gzBx1oaGuTVey8AmdtEra6oL%2FmLz5m5WJwT%2FwyMiF%2BlKZZbl5VFg7YD1Cz%2BL6WyKK3pNxCmgm8TJMLpsR6HUr24Qeql82FGJvlniKyr0x6xEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80682c029c2c68f5-FRA
alt-svc
h3=":443"; ma=86400
content.js
unsafe.sh/static/js/
3 KB
1 KB
Script
General
Full URL
https://unsafe.sh/static/js/content.js?ver=1.0516
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4113b9e3f6f31774a00a7715e01a756d4c816292f35da56f89ad04bdbeed2a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 25 Dec 2022 05:53:55 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3815
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbrC3bj6NQtHqNufiRd3JEBJj8uCtOWsPo4pr4TeSFrjJ8k3E2u5qwmOWcbscBUr%2FvEWdgZkc2wYKNgQiWMNhIZ5w5dSXz3LOc8yUvxqD4PqwOGWVfB73HypjWSkLvwQJvofuwDqQl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
80682c029c2e68f5-FRA
alt-svc
h3=":443"; ma=86400
addview
unsafe.sh/
0
256 B
Script
General
Full URL
https://unsafe.sh/addview?id=103435
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xeBfUy1jDQouNt%2FbPLVTqEyDG8Gtn0KkI%2FqvN1eLLY7yo4NIN0QrxVE2c3FXF%2F2rI6MyTQPt0WyRRxYn5GNRuqvLKHG2aCBvQxlo9fxV5Q%2FsZLy3c0cghXlsuhUZrR7PBtGkgKnvxQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
80682c029c3168f5-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/
108 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f27b2160255b0a3bbe960f0af6a1772a8514e2b3ba0acbeea1e622ebb5f3e4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?d7825adf12943cb1a605f0ede6c31ce8
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cacb306a77c19c8f96b319d7d8e2046cff66e80a3704b21d4b698b48b1ebe7f0
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 11:08:26 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
d577094247bec68d709d288e602aaa94
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11319
dark_content.css
unsafe.sh/static/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://unsafe.sh/static/css/dark_content.css?ver=0.03
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e834a13ac986a3310a46e82f10f1c4d55d1c9bc44b695f4251d1e60c18004ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/go-103435.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 05:54:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4wFjj48%2BZk4jMF8u%2F1oExSHpP%2BJ5pqxvDbDfUBgbFPWi%2BXAVa3Nte%2FgnWhe8U83gvWjz6sm6ZLgj1lVH8VmZAUtIjfDox6%2FJoTwTFeUEHsSv%2BKyyXvdMR3jP27sSuziws1SujmEG7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
80682c05dfd21909-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml
a6a68fbaf083fb74a4c8252a03ff07fb.jpg
8aqnet.cdn.bcebos.com/
15 KB
0
Image
General
Full URL
https://8aqnet.cdn.bcebos.com/a6a68fbaf083fb74a4c8252a03ff07fb.jpg
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.148.65.35 -, , ASN (),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

ohc-file-size
32573
date
Thu, 14 Sep 2023 11:08:30 GMT
content-md5
IaT+yjuwHxwdb805DKCZFQ==
age
171176
x-cache-status
HIT
x-bce-storage-class
STANDARD
x-bce-is-transition
false
content-length
32573
x-bce-flow-control-type
-1
ohc-cache-hit
gz4un56 [4], xiangyix146 [1]
last-modified
Sat, 24 Dec 2022 16:04:04 GMT
server
JSP3/2.0.14
etag
"21a4feca3bb01f1c1d6fcd390ca09915"
x-bce-request-id
2210a781-6623-4815-a855-e3aa0f943524
content-type
image/jpeg
x-bce-debug-id
P6E2X7oKVY6gN0pzA0AJH+YvakT8I+GokdoErY9fzt9K7jRw0t43DZ6kURc63/JjJV88BWy1OHgbRfHdL/Wl4w==
accept-ranges
bytes
ohc-global-saved-time
Tue, 12 Sep 2023 11:35:34 GMT
x-bce-content-crc32
749212570
expires
Fri, 15 Sep 2023 11:35:34 GMT
utterances.html
utteranc.es/ Frame FD3F
481 B
956 B
Document
General
Full URL
https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-103435.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-103435&title=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&description=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&og%3Atitle=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&session=
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4ac8ed78f1c8cd424a31a787358344930077150c7aed42c1fdcd35749aec3a

Request headers

Referer
https://unsafe.sh/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
286
alt-svc
h3=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
80682c068cdf0404-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 11:08:26 GMT
expires
Thu, 07 Sep 2023 02:36:16 GMT
last-modified
Fri, 11 Feb 2022 15:29:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho9CuQ0i%2BECpSneQj6OXsdO%2FeMXLXXawmouzNM36itgYomKBBSwFkqLZIsAOHhAyt3TWuDkYkNW%2FOUiu5HByKbNKuytCfzd%2Beg%2F1OZtCsKGlLm7BUNJMC%2BzeSWeL%2FN%2FrVGTep%2FeOLEnzIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
a085275428c1b2ccb897ca600441fe535af76423
x-github-request-id
5F2C:54C0:15CD4B2:164D819:64F934C8
x-proxy-cache
MISS
x-served-by
cache-fra-eddf8230122-FRA
x-timer
S1694689706.018232,VS0,VE2
utterances.6ec01640.js
utteranc.es/ Frame FD3F
23 KB
9 KB
Script
General
Full URL
https://utteranc.es/utterances.6ec01640.js
Requested by
Host: utteranc.es
URL: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-103435.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-103435&title=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&description=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&og%3Atitle=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&session=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373c79e86c94f0c31424633e5b225a4e9c537b8106e570835f2522f3542109a3

Request headers

Referer
https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-103435.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-103435&title=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&description=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&og%3Atitle=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&session=
Origin
https://utteranc.es
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-fastly-request-id
830f4cdff0b62e8a95efc8d0ee3554a1914cc7c8
date
Thu, 14 Sep 2023 11:08:26 GMT
via
1.1 varnish
content-encoding
br
expires
Tue, 12 Sep 2023 01:48:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
x-cache
HIT
x-proxy-cache
HIT
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230069-FRA
last-modified
Fri, 11 Feb 2022 15:29:47 GMT
server
cloudflare
x-github-request-id
4CDA:7EE3:370854E:38CC359:6487FD93
x-timer
S1687959657.085338,VS0,VE0
etag
W/"620680eb-5ae2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8621jjrSliiqvGz8HQzmSw0SaMXljbI9I8qiXqXoShge3awi2f4oaJo2R5JnRTz0KQqzCwbxxkPs%2FyVliZBhPlZMbht8yHuUiF8wZVvOmsizRM7aPBSqcupo1ejYHa3k1Vw6adf7cIaLNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
80682c06bd3e0404-FRA
x-cache-hits
2
issues
api.github.com/search/ Frame FD3F
73 B
1 KB
Fetch
General
Full URL
https://api.github.com/search/issues?q=%22go-103435%22%20type%3Aissue%20in%3Atitle%20repo%3Acode-scan%2Futteranc&sort=created&order=asc
Requested by
Host: utteranc.es
URL: https://utteranc.es/utterances.6ec01640.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.82.121.5 Frankfurt am Main, Germany, ASN36459 (GITHUB, US),
Reverse DNS
lb-140-82-121-5-fra.github.com
Software
GitHub.com /
Resource Hash
08c082fdf7ca87ba911a2aabb0f0cf2d3e482a6feeaac9713e4578c20b2600b2
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Accept
application/vnd.github.v3+json
Referer
https://utteranc.es/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:08:26 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'
content-encoding
gzip
x-ratelimit-used
1
x-github-api-version-selected
2022-11-28
x-github-media-type
github.v3; format=json
content-length
82
x-xss-protection
0
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
GitHub.com
x-github-request-id
87F0:0EF9:28A2B09:2914F7D:6502E9AA
vary
Accept, Accept-Encoding, Accept, X-Requested-With
x-frame-options
deny
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
cache-control
no-cache
x-ratelimit-resource
search
x-ratelimit-reset
1694689766
x-ratelimit-limit
10
accept-ranges
bytes
x-ratelimit-remaining
9
utterances.css
utteranc.es/stylesheets/themes/github-light/ Frame FD3F
38 KB
9 KB
Stylesheet
General
Full URL
https://utteranc.es/stylesheets/themes/github-light/utterances.css
Requested by
Host: utteranc.es
URL: https://utteranc.es/utterances.6ec01640.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be56c4af49082f20845d665dfc0051dcad7e28c9d766060b4265c00da7ef025

Request headers

Referer
https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-103435.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-103435&title=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&description=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&og%3Atitle=FreeBuf%E6%97%A9%E6%8A%A5+%7C+%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7&session=
Origin
https://utteranc.es
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-fastly-request-id
e1d82c7a59d7e4765604414d7962e1d6b2376262
date
Thu, 14 Sep 2023 11:08:26 GMT
via
1.1 varnish
content-encoding
br
expires
Wed, 23 Aug 2023 02:10:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Fri, 11 Feb 2022 15:29:47 GMT
server
cloudflare
x-github-request-id
F3A0:1E63:701593:728582:64E56837
x-timer
S1693560003.496241,VS0,VE0
etag
W/"620680eb-98b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMD2CaD9B6gQC22H8iTIuuVITuxl5RHI23Kkyek1WxsLxPsbPoT9PEYWVKCJinnSi%2Fq3ozZP8K2PDRx6IdXpuUH660QUsGjznkr8%2FikeDCqwSdSY4VkqpRTk9IvvIp8VTUMwIsvP1V9%2FMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
80682c06fd930404-FRA
x-cache-hits
3
truncated
/ Frame FD3F
386 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fe0342a2e41fc9d12f43964cd18eb8a40af90ea98854b1c27537f859384f842

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1977203146&si=d7825adf12943cb1a605f0ede6c31ce8&v=1.3.0&lv=1&sn=20143&r=0&ww=1600&u=https%3A%2F%2Funsafe.sh%2Fgo-103435.html&tt=FreeBuf%E6%97%A9%E6%8A%A5%20%7C%20%E7%BE%8E%E5%9B%BD%E7%A7%B0%E4%BF%84%E7%BD%97%E6%96%AF%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E5%A4%9A%E4%B8%AA%E5%9B%BD%E9%98%B2%E9%83%A8%E6%89%BF%E5%8C%85%E5%95%86%EF%BC%9BTrickbot%E9%92%88%E5%AF%B960%E5%AE%B6%E5%90%8D%E4%BC%81%E5%AE%A2%E6%88%B7
Requested by
Host: unsafe.sh
URL: https://unsafe.sh/go-103435.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unsafe.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 11:08:27 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Verdicts & Comments

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
number| uidEvent
object| bootstrap
function| $
function| jQuery
object| _hmt
string| uri
number| hour
function| includeCss
function| switchmode
function| AutoMode
function| switchmodeBtn
object| banners
object| errImage
function| randomImage
string| noteId
function| Viewer
function| AutoSize
object| hljs
function| CacheImages
object| img
object| links
object| link
object| linkImgs
function| addCollect
object| imgs
function| deleteContent
boolean| _bdhm_loaded_d7825adf12943cb1a605f0ede6c31ce8
object| mini_tangram_log_5s60i7

4 Cookies

Domain/Path Name / Value
unsafe.sh/ Name: beegosessionID
Value: 7f85422b8328dbbbac780b49d53166dc
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: C55AE3C1728F210F
.unsafe.sh/ Name: Hm_lvt_d7825adf12943cb1a605f0ede6c31ce8
Value: 1694689708
.unsafe.sh/ Name: Hm_lpvt_d7825adf12943cb1a605f0ede6c31ce8
Value: 1694689708

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
