shop.hak5.org Open in urlscan Pro
23.227.38.74 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://shop.hak5.org/blogs/payloads/everything-password-stealer
Submission: On January 12 via manual (January 12th 2024, 2:59:19 am UTC) from PH — Scanned from CA

Summary HTTP 236 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 57 IPs in 6 countries across 47 domains to perform 236 HTTP transactions. The main IP is 23.227.38.74, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is shop.hak5.org.
TLS certificate: Issued by R3 on December 1st 2023. Valid for: 3 months.

This is the only time shop.hak5.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
1 3	172.253.122.99 172.253.122.99	15169 (GOOGLE) (GOOGLE)
57	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
1 2	104.16.125.175 104.16.125.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.26.4.219 104.26.4.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.104.173.243 172.104.173.243	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	142.250.31.138 142.250.31.138	15169 (GOOGLE) (GOOGLE)
1	54.243.238.66 54.243.238.66	14618 (AMAZON-AES) (AMAZON-AES)
5	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
9	172.253.62.94 172.253.62.94	15169 (GOOGLE) (GOOGLE)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
2	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
2	185.146.173.20 185.146.173.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.167.155 142.251.167.155	15169 (GOOGLE) (GOOGLE)
1	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	142.251.163.139 142.251.163.139	15169 (GOOGLE) (GOOGLE)
1 1	142.251.163.154 142.251.163.154	15169 (GOOGLE) (GOOGLE)
1	142.251.111.94 142.251.111.94	15169 (GOOGLE) (GOOGLE)
2	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
1	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
12 19	104.22.68.95 104.22.68.95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	95.216.147.64 95.216.147.64	24940 (HETZNER-AS) (HETZNER-AS)
8	104.197.53.66 104.197.53.66	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	13.33.165.53 13.33.165.53	16509 (AMAZON-02) (AMAZON-02)
1	159.89.51.155 159.89.51.155	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	13.226.139.67 13.226.139.67	16509 (AMAZON-02) (AMAZON-02)
2	169.150.236.99 169.150.236.99	60068 (CDN77 ^_^) (CDN77 ^_^)
1	104.21.36.65 104.21.36.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.192.153.252 34.192.153.252	14618 (AMAZON-AES) (AMAZON-AES)
1	18.67.21.187 18.67.21.187	16509 (AMAZON-02) (AMAZON-02)
1	172.64.160.31 172.64.160.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	18.245.96.11 18.245.96.11	16509 (AMAZON-02) (AMAZON-02)
2	13.226.139.18 13.226.139.18	16509 (AMAZON-02) (AMAZON-02)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	104.18.29.199 104.18.29.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.224.34.30 54.224.34.30	14618 (AMAZON-AES) (AMAZON-AES)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	54.156.145.102 54.156.145.102	14618 (AMAZON-AES) (AMAZON-AES)
1	34.195.54.46 34.195.54.46	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.42.177 104.18.42.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.237.176.20 44.237.176.20	16509 (AMAZON-02) (AMAZON-02)
1	13.226.139.36 13.226.139.36	16509 (AMAZON-02) (AMAZON-02)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.88.26.53 52.88.26.53	16509 (AMAZON-02) (AMAZON-02)
2	142.251.163.93 142.251.163.93	15169 (GOOGLE) (GOOGLE)
3	18.67.17.24 18.67.17.24	16509 (AMAZON-02) (AMAZON-02)
1	35.175.40.141 35.175.40.141	14618 (AMAZON-AES) (AMAZON-AES)
3	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	104.26.4.247 104.26.4.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.139.27 13.226.139.27	16509 (AMAZON-02) (AMAZON-02)
6	104.18.33.45 104.18.33.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
236	57

44 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com

shop.hak5.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.99 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 23.227.60.200 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.125.175 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.26.4.219 (None, )

ASN13335 (CLOUDFLARENET, US)

reorder-master.hulkapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.173.243 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1764-243.members.linode.com

spa.spicegems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.31.138 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.238.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-238-66.compute-1.amazonaws.com

preorder-now.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.146.173.20 (Sweden)

ASN13335 (CLOUDFLARENET, US)

forms.shopifyapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.139 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f139.1e100.net

www.merchant-center-analytics.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.22.68.95 (None, ) 12 redirects

ASN13335 (CLOUDFLARENET, US)

shy.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.216.147.64 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.64.147.216.95.clients.your-server.de

app.easyquote.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.197.53.66 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.53.197.104.bc.googleusercontent.com

social-login.oxiapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.165.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-165-53.yto50.r.cloudfront.net

cdn.hextom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.51.155 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

app-easy-product-downloads.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.139.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-139-67.yto50.r.cloudfront.net

cdn.richpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.150.236.99 (Chicago, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-236-99.datapacket.com

gallery.cevoid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.36.65 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.verifypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.153.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-153-252.compute-1.amazonaws.com

services.nofraud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.21.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-21-187.yto50.r.cloudfront.net

d1liekpayvooaz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.160.31 (United States)

ASN13335 (CLOUDFLARENET, US)

app.backinstock.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

spcdn.incartupsell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.96.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-96-11.yto50.r.cloudfront.net

shopify-widget.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.139.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-139-18.yto50.r.cloudfront.net

cdn.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.72.113 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.29.199 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sdk.postscript.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.224.34.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-34-30.compute-1.amazonaws.com

gdpr-mm-geolocation.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.145.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-145-102.compute-1.amazonaws.com

fsb.hextom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.54.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-54-46.compute-1.amazonaws.com

epb.hextom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.42.177 (None, )

ASN13335 (CLOUDFLARENET, US)

d-ipv6.mmapiws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.237.176.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-176-20.us-west-2.compute.amazonaws.com

api.richpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.139.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-139-36.yto50.r.cloudfront.net

pub-355091c9c4a36690e083.tracking.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.88.26.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-26-53.us-west-2.compute.amazonaws.com

ws-prod.richpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.93 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f93.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.17.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-17-24.yto50.r.cloudfront.net

api.postscript.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.175.40.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-40-141.compute-1.amazonaws.com

lsc.hextom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.26.4.247 (None, )

ASN13335 (CLOUDFLARENET, US)

files.elfsightcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

hakshop.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.139.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-139-27.yto50.r.cloudfront.net

assets-app.richpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.33.45 (None, )

ASN13335 (CLOUDFLARENET, US)

tracking.refersion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o142330.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2157	1 MB
44	hak5.org shop.hak5.org	466 KB
19	elfsight.com 12 redirects shy.elfsight.com — Cisco Umbrella Rank: 54658 static.elfsight.com — Cisco Umbrella Rank: 21843 files.elfsight.com — Cisco Umbrella Rank: 177122	442 KB
15	elfsightcdn.com files.elfsightcdn.com — Cisco Umbrella Rank: 89806	94 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	736 KB
9	refersion.com cdn.refersion.com — Cisco Umbrella Rank: 38925 pub-355091c9c4a36690e083.tracking.refersion.com tracking.refersion.com — Cisco Umbrella Rank: 45046	51 KB
9	richpanel.com cdn.richpanel.com — Cisco Umbrella Rank: 125453 api.richpanel.com — Cisco Umbrella Rank: 154920 ws-prod.richpanel.com — Cisco Umbrella Rank: 78472 assets-app.richpanel.com — Cisco Umbrella Rank: 144403	104 KB
8	postscript.io 1 redirects sdk.postscript.io — Cisco Umbrella Rank: 16692 api.postscript.io — Cisco Umbrella Rank: 24465	145 KB
8	oxiapps.com social-login.oxiapps.com — Cisco Umbrella Rank: 46616	26 KB
7	hextom.com cdn.hextom.com — Cisco Umbrella Rank: 17934 fsb.hextom.com — Cisco Umbrella Rank: 41629 epb.hextom.com — Cisco Umbrella Rank: 36282 lsc.hextom.com	56 KB
4	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3600 ekr.zdassets.com — Cisco Umbrella Rank: 4357	277 KB
4	easyquote.pw app.easyquote.pw	14 KB
3	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4303	22 KB
3	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1771	27 KB
3	hulkapps.com reorder-master.hulkapps.com — Cisco Umbrella Rank: 213954	15 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6	9 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	3 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	69 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 597	7 KB
2	zendesk.com 1 redirects assets.zendesk.com — Cisco Umbrella Rank: 17246 hakshop.zendesk.com	1 KB
2	incartupsell.com spcdn.incartupsell.com — Cisco Umbrella Rank: 72447	51 KB
2	cevoid.com gallery.cevoid.com — Cisco Umbrella Rank: 168370	54 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	16 KB
2	shopifyapps.com forms.shopifyapps.com — Cisco Umbrella Rank: 88413	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	146 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	91 KB
2	herokuapp.com preorder-now.herokuapp.com — Cisco Umbrella Rank: 58477 gdpr-mm-geolocation.herokuapp.com — Cisco Umbrella Rank: 98406	27 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1326	2 KB
2	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 7773	20 KB
1	sentry.io o142330.ingest.sentry.io — Cisco Umbrella Rank: 28694	324 B
1	mmapiws.com d-ipv6.mmapiws.com — Cisco Umbrella Rank: 30948	266 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	2 KB
1	route.com shopify-widget.route.com — Cisco Umbrella Rank: 42361	13 KB
1	backinstock.org app.backinstock.org — Cisco Umbrella Rank: 17825	27 KB
1	cloudfront.net d1liekpayvooaz.cloudfront.net	55 KB
1	nofraud.com services.nofraud.com — Cisco Umbrella Rank: 44287	7 KB
1	verifypass.com cdn.verifypass.com — Cisco Umbrella Rank: 61801	2 KB
1	app-easy-product-downloads.fr app-easy-product-downloads.fr — Cisco Umbrella Rank: 246748	10 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	15 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 8688	455 B
1	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	1 KB
1	merchant-center-analytics.goog www.merchant-center-analytics.goog — Cisco Umbrella Rank: 5878	244 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173	2 KB
1	shop.app shop.app — Cisco Umbrella Rank: 5219	2 KB
1	spicegems.com spa.spicegems.com — Cisco Umbrella Rank: 499782	36 KB
236	47

	Domain	Requested by
57	cdn.shopify.com	shop.hak5.org cdn.shopify.com social-login.oxiapps.com
44	shop.hak5.org	shop.hak5.org
15	files.elfsightcdn.com
12	files.elfsight.com	12 redirects
8	social-login.oxiapps.com	shop.hak5.org social-login.oxiapps.com
6	tracking.refersion.com	shop.hak5.org
6	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
5	sdk.postscript.io	1 redirects cdn.shopify.com sdk.postscript.io
5	www.gstatic.com	www.google.com www.recaptcha.net www.gstatic.com
4	cdn.richpanel.com	shop.hak5.org cdn-shopify-script tracking-script-2
4	cdn.hextom.com	shop.hak5.org cdn.hextom.com
4	app.easyquote.pw	shop.hak5.org
4	shy.elfsight.com	shop.hak5.org shy.elfsight.com
3	stackpath.bootstrapcdn.com	social-login.oxiapps.com sdk.postscript.io
3	api.postscript.io	shop.hak5.org sdk.postscript.io
3	www.recaptcha.net	social-login.oxiapps.com www.gstatic.com www.recaptcha.net
3	static.elfsight.com	shy.elfsight.com
3	static.zdassets.com	assets.zendesk.com static.zdassets.com
3	reorder-master.hulkapps.com	shop.hak5.org
3	www.google.com	1 redirects shop.hak5.org www.gstatic.com
3	fonts.googleapis.com	shop.hak5.org sdk.postscript.io
2	www.youtube.com	shy.elfsight.com www.youtube.com
2	ws-prod.richpanel.com	shop.hak5.org
2	api.richpanel.com	shop.hak5.org
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	cdn.refersion.com	shop.hak5.org pub-355091c9c4a36690e083.tracking.refersion.com
2	spcdn.incartupsell.com	shop.hak5.org
2	gallery.cevoid.com	shop.hak5.org gallery.cevoid.com
2	cdn.jsdelivr.net	spa.spicegems.com cdn-shopify-script
2	forms.shopifyapps.com	shop.hak5.org
2	www.googletagmanager.com	shop.hak5.org www.googletagmanager.com
2	connect.facebook.net	shop.hak5.org connect.facebook.net
2	www.google-analytics.com	shop.hak5.org
2	unpkg.com	1 redirects shop.hak5.org
2	vjs.zencdn.net	shop.hak5.org
1	o142330.ingest.sentry.io	sdk.postscript.io
1	assets-app.richpanel.com
1	hakshop.zendesk.com	static.zdassets.com
1	lsc.hextom.com	shop.hak5.org
1	ekr.zdassets.com	assets.zendesk.com
1	pub-355091c9c4a36690e083.tracking.refersion.com	cdn.refersion.com
1	d-ipv6.mmapiws.com	shop.hak5.org
1	epb.hextom.com	shop.hak5.org
1	fsb.hextom.com	shop.hak5.org
1	gdpr-mm-geolocation.herokuapp.com	shop.hak5.org
1	assets.zendesk.com	1 redirects
1	cdnjs.cloudflare.com	shop.hak5.org
1	shopify-widget.route.com	shop.hak5.org
1	app.backinstock.org	shop.hak5.org
1	d1liekpayvooaz.cloudfront.net	shop.hak5.org
1	services.nofraud.com	shop.hak5.org
1	cdn.verifypass.com	shop.hak5.org
1	app-easy-product-downloads.fr	shop.hak5.org
1	static.criteo.net	shop.hak5.org
1	www.google.ca	shop.hak5.org
1	googleads.g.doubleclick.net	1 redirects
1	www.merchant-center-analytics.goog	www.googletagmanager.com
1	www.facebook.com	shop.hak5.org
1	www.googleadservices.com	www.googletagmanager.com
1	shop.app	shop.hak5.org
1	preorder-now.herokuapp.com	shop.hak5.org
1	spa.spicegems.com	shop.hak5.org
236	62

This site contains links to these domains. Also see Links.

Domain
www.pandectes.io
hak5.customerdesk.io
docs.hak5.org
downloads.hak5.org
payloadhub.com
payloadstudio.hak5.org
www.youtube.com
hak5.org
twitter.com
facebook.com
youtube.com
instagram.com
github.com
c2.hak5.org
payloads.hak5.org
www.facebook.com
pinterest.com
hakshop.com
account.shop.hak5.org

Subject Issuer	Validity	Valid
shop.hak5.org R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.shopify.com E1	`2024-01-06` - `2024-04-05`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-03` - `2024-07-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-23` - `2024-02-23`	a year	crt.sh
spa.spicegems.com R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
shop.app E1	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-21` - `2024-01-19`	3 months	crt.sh
forms.shopifyapps.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
merchant-center-analytics.goog GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
app.easyquote.pw R3	`2023-12-28` - `2024-03-27`	3 months	crt.sh
oxiapps.com R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.hextom.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
app-easy-product-downloads.fr R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
richpanel.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
gallery.cevoid.com R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
verifypass.com GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.nofraud.com Amazon RSA 2048 M02	`2023-03-13` - `2024-04-10`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
backinstock.org Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
spcdn.incartupsell.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.route.com Amazon RSA 2048 M01	`2023-04-23` - `2024-05-21`	a year	crt.sh
*.refersion.com Amazon RSA 2048 M01	`2023-03-13` - `2024-04-09`	a year	crt.sh
sdk.postscript.io GTS CA 1P5	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.tracking.refersion.com Amazon RSA 2048 M01	`2023-08-12` - `2024-09-08`	a year	crt.sh
zdassets.com E1	`2024-01-04` - `2024-04-03`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
postscript.io Amazon RSA 2048 M03	`2023-11-20` - `2024-12-17`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
files.elfsightcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
hakshop.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Frame ID: C910E45B49DE866F9610E3F98C1CA17F
Requests: 195 HTTP requests in this frame

Frame: https://shop.hak5.org/wpm@c3e06decw4db1e3a6p9888f859mdcd2346e/web-pixel-shopify-custom-pixel@0570/sandbox/modern/blogs/payloads/everything-password-stealer
Frame ID: 6130D230942115261F0FD9964550B578
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: E266126BC4E02F37370783F7CCF3030E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=shop.hak5.org&origin=onetag
Frame ID: 6D1C4BBDADBDC05C3070D28A3FBD70D6
Requests: 2 HTTP requests in this frame

Frame: https://pub-355091c9c4a36690e083.tracking.refersion.com/r.html
Frame ID: 252991A3B8C3F8FC21DC13182156F6F9
Requests: 2 HTTP requests in this frame

Frame: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer
Frame ID: 56F35CF5A2EC346A3C0E4CE3DEAF6C6B
Requests: 5 HTTP requests in this frame

Frame: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer
Frame ID: 1ECF82A517D4867A54082944077C8F3B
Requests: 5 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Frame ID: 5DD62B09A3327C0625924EEBF5EF8C77
Requests: 3 HTTP requests in this frame

Frame: https://sdk.postscript.io/desktop?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer
Frame ID: 4624EAB7A403DBAC074211AAE98C47FD
Requests: 7 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcCR2cUAAAAANS1Gpq_mDIJ2pQuJphsSQaUEuc9&co=aHR0cHM6Ly9zaG9wLmhhazUub3JnOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=vsmu2hrycikx
Frame ID: EF653A1D2396C595F70C49768B4942DA
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Everything Password Stealer - Hak5

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

236
Requests

94 %
HTTPS

0 %
IPv6

47
Domains

62
Subdomains

57
IPs

6
Countries

4689 kB
Transfer

11117 kB
Size

49
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pandectes.io/poweredbypandectes
Title: Powered by Pandectes

Search URL Search Domain Scan URL

URL: https://hak5.customerdesk.io/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://docs.hak5.org/
Title: Product Documentation

Search URL Search Domain Scan URL

URL: https://downloads.hak5.org/
Title: Software Downloads

Search URL Search Domain Scan URL

URL: https://payloadhub.com/

Search URL Search Domain Scan URL

URL: https://payloadstudio.hak5.org/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLW5y1tjAOzI26Hf-Z7mnhvuykaB2nstn4

Search URL Search Domain Scan URL

URL: https://hak5.org/blogs/payloads/tagged/usb-rubber-ducky
Title: USB Rubber Ducky

Search URL Search Domain Scan URL

URL: https://hak5.org/blogs/payloads/tagged/bash-bunny
Title: Bash Bunny

Search URL Search Domain Scan URL

URL: https://hak5.org/blogs/payloads/tagged/omg
Title: OMG

Search URL Search Domain Scan URL

URL: https://hak5.org/blogs/payloads/tagged/key-croc
Title: Key Croc

Search URL Search Domain Scan URL

URL: https://hak5.org/blogs/payloads/tagged/shark-jack
Title: Shark Jack

Search URL Search Domain Scan URL

URL: https://hak5.org/blogs/payloads/tagged/packet-squirrel
Title: Packet Squirrel

Search URL Search Domain Scan URL

URL: https://hak5.org/blogs/payloads/tagged/lan-turtle
Title: LAN Turtle

Search URL Search Domain Scan URL

URL: https://twitter.com/hak5

Search URL Search Domain Scan URL

URL: https://facebook.com/technolust

Search URL Search Domain Scan URL

URL: https://youtube.com/hak5

Search URL Search Domain Scan URL

URL: https://instagram.com/hak5gear

Search URL Search Domain Scan URL

URL: https://github.com/hak5/omg-payloads/tree/master/payloads/library/exfiltration/Everything-Password-Stealer
Title: Download

Search URL Search Domain Scan URL

URL: https://c2.hak5.org/
Title: Cloud C²

Search URL Search Domain Scan URL

URL: https://payloads.hak5.org/
Title: Submit

Search URL Search Domain Scan URL

URL: https://hak5.org/collections/mischief-gadgets?utm=payload-article

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Everything%20Password%20Stealer&url=https://shop.hak5.org/blogs/payloads/everything-password-stealer&via=hak5

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://shop.hak5.org/blogs/payloads/everything-password-stealer&description=https://github.com/hak5/omg-payloads/tree/master/payloads/library/exfiltration/Everything-Password-Stealer&media=//shop.hak5.org/cdn/shop/articles/omg-exfiltration_f4c541f8-5b19-4203-ae10-b1ded73b2b07_grande.png?v=1686077928

Search URL Search Domain Scan URL

URL: https://github.com/hak5
Title: payload repository

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=H6z9BXevsZg
Title: Hak5 tutorial video

Search URL Search Domain Scan URL

URL: https://hak5.org/pages/community
Title: Hak5 Community

Search URL Search Domain Scan URL

URL: https://hakshop.com/apps/tracktor/
Title: Track your Order

Search URL Search Domain Scan URL

URL: https://account.shop.hak5.org/
Title: B2B Login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://unpkg.com/@videojs/themes@1/dist/forest/index.css HTTP 302
https://unpkg.com/@videojs/themes@1.0.1/dist/forest/index.css

Request Chain 93

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/630457502/?random=223114727&cv=11&fst=1705028352954&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer&label=RpYMCOHM9JkYEJ6J0KwC&tiba=Everything%20Password%20Stealer%20-%20Hak5&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1468863781.1705028353&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fblogs%2Fpayloads%2Feverything-password-stealer&fmt=3&ct_cookie_present=false&ocp_id=AaugZZOfA7qb6toPk4-LmAI&sscte=1&crd=&pscrd=Ek5DaEFJZ01ELXJBWVE4TVNTM095cjFKQVhFaVlBTU1ueHB3UUpOSTJDWHFTcURDSGdvd0t2Y0hVSWJ1eDU0NGVrT2lYa3NhVTltTXNSd3caWENoQUlnTUQtckFZUWpyYUdxSUxCb0pJakVpNEFrMXBtQ2c1UmxnUll5OEVYNzllX0dydGJ4U25hTDBpbkxPZXc1YUg3SFFYYjdDUEdyemFKUVFVQWhpd0EiEwjTo8PK7daDAxW6jVoFHZPHAiM HTTP 302
https://www.google.com/pagead/1p-conversion/630457502/?random=223114727&cv=11&fst=1705028352954&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer&label=RpYMCOHM9JkYEJ6J0KwC&tiba=Everything%20Password%20Stealer%20-%20Hak5&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1468863781.1705028353&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fblogs%2Fpayloads%2Feverything-password-stealer&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ01ELXJBWVE4TVNTM095cjFKQVhFaVlBTU1ueHB3UUpOSTJDWHFTcURDSGdvd0t2Y0hVSWJ1eDU0NGVrT2lYa3NhVTltTXNSd3caWENoQUlnTUQtckFZUWpyYUdxSUxCb0pJakVpNEFrMXBtQ2c1UmxnUll5OEVYNzllX0dydGJ4U25hTDBpbkxPZXc1YUg3SFFYYjdDUEdyemFKUVFVQWhpd0EiEwjTo8PK7daDAxW6jVoFHZPHAiM&is_vtc=1&ocp_id=AaugZZOfA7qb6toPk4-LmAI&cid=CAQSGwAvHhf_aNNdQlGpbfo_99Guzdb55D44MGPvsQ&random=3282367815 HTTP 302
https://www.google.ca/pagead/1p-conversion/630457502/?random=223114727&cv=11&fst=1705028352954&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer&label=RpYMCOHM9JkYEJ6J0KwC&tiba=Everything%20Password%20Stealer%20-%20Hak5&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1468863781.1705028353&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fblogs%2Fpayloads%2Feverything-password-stealer&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ01ELXJBWVE4TVNTM095cjFKQVhFaVlBTU1ueHB3UUpOSTJDWHFTcURDSGdvd0t2Y0hVSWJ1eDU0NGVrT2lYa3NhVTltTXNSd3caWENoQUlnTUQtckFZUWpyYUdxSUxCb0pJakVpNEFrMXBtQ2c1UmxnUll5OEVYNzllX0dydGJ4U25hTDBpbkxPZXc1YUg3SFFYYjdDUEdyemFKUVFVQWhpd0EiEwjTo8PK7daDAxW6jVoFHZPHAiM&is_vtc=1&ocp_id=AaugZZOfA7qb6toPk4-LmAI&cid=CAQSGwAvHhf_aNNdQlGpbfo_99Guzdb55D44MGPvsQ&random=3282367815&ipr=y

Request Chain 124

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 180

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/aa4aa023-c569-4a2d-9ca2-60c25a132074.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/aa4aa023-c569-4a2d-9ca2-60c25a132074.png

Request Chain 181

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/2aa8cfe8-0d9a-41b4-a9b3-72bae79bd521.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/2aa8cfe8-0d9a-41b4-a9b3-72bae79bd521.png

Request Chain 182

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8eb4f26a-2adb-4bdb-b554-5e73f6d3069e.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8eb4f26a-2adb-4bdb-b554-5e73f6d3069e.png

Request Chain 183

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/9b970a4b-23ae-492a-9c7f-38560d189ba0.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/9b970a4b-23ae-492a-9c7f-38560d189ba0.png

Request Chain 184

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/4fb9058b-642a-4802-a59c-f3668d0ce6be.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/4fb9058b-642a-4802-a59c-f3668d0ce6be.png

Request Chain 185

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/0a63d417-249d-447b-a2a2-af2575e7108b.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/0a63d417-249d-447b-a2a2-af2575e7108b.png

Request Chain 187

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/37f388ec-29b8-433a-9d5c-dee3d0a08e9c.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/37f388ec-29b8-433a-9d5c-dee3d0a08e9c.png

Request Chain 188

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/cd0e5cd7-3888-4b48-b65e-f15e3bccf1b9.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/cd0e5cd7-3888-4b48-b65e-f15e3bccf1b9.png

Request Chain 189

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8ace2100-fcc3-46ba-a949-b44c7c98a01a.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8ace2100-fcc3-46ba-a949-b44c7c98a01a.png

Request Chain 190

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/f8345d5a-b7a3-45a0-a9f6-8b1e975f57a4.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/f8345d5a-b7a3-45a0-a9f6-8b1e975f57a4.png

Request Chain 191

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/c44cad5f-ac9c-4537-b269-b37e1b718a84.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/c44cad5f-ac9c-4537-b269-b37e1b718a84.png

Request Chain 192

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/d9fe5457-c435-4e01-861d-557dfccb08e0.png HTTP 301
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/d9fe5457-c435-4e01-861d-557dfccb08e0.png

Request Chain 198

https://sdk.postscript.io/desktop.html?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer HTTP 308
https://sdk.postscript.io/desktop?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer

236 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request everything-password-stealer Show response
shop.hak5.org/blogs/payloads/ 245 KB
52 KB 171ms
105ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a3f06ab6cec04a6290ab7282fa2b74f48cd73ff12e19c7dd5ee31b06be696f0f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8442245e8c26713f-YUL
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Fri, 12 Jan 2024 02:59:11 GMT
etag: W/"cacheable:610a3c384422ebe9023121786326ae51"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Z4OmPLaC2VKgNIn%2F3aUfXMOT2yuIcOa1LZe7j8UnENGTcmBLtZ%2BnnJeSTBptv97VKuyhPuyq%2B1bMKFPvoWWa34tZT%2FBjXjer7bGg3f6IkLRjW0Z2OY54nSzHMegDXM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=22, db;dur=8, asn;desc="212238", edge;desc="YUL", country;desc="CA", theme;desc="120632574065", pageType;desc="article", servedBy;desc="hk2n", requestID;desc="ba379b14-d896-4b25-9615-f8cfe5eb9a0a" cfRequestDuration;dur=81.000090, earlyhints
strict-transport-security: max-age=7889238
vary: Accept
x-cache: hit, server
x-content-type-options: nosniff
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: ba379b14-d896-4b25-9615-f8cfe5eb9a0a
x-shardid: 112
x-shopid: 682142
x-shopify-stage: production
x-sorting-hat-podid: 112
x-sorting-hat-shopid: 682142
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H2 200 easylockdown-1.0.5.min.js Show response
shop.hak5.org/apps/easylockdown/ 114 KB
40 KB 218ms
212ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/apps/easylockdown/easylockdown-1.0.5.min.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4a334d2153866ad7109f9d07b18565cf99c878c1820b399c7e9b1cd0df24e380

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
server-timing: cfRequestDuration;dur=190.999985
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: fcb18c04-575f-40eb-accc-17939462af69
last-modified: Fri, 12 Jan 2024 02:59:12 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcCHAq70tBghXMnA87WYsFFdsLUPo8OeSY%2BgV1Qg%2Fc8NCpTKfCpUAo%2BtFwcqBkgDuiAxxBHFQVd9UqDVD6RQ%2BQoZeVU5oNEK2Y2gYEWRleNlLE3wXZw%2B4Wvlk4pbAKC%2BzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8442245f9d96713f-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0675/3543/8059/files/easylockdown-1.0.5.min.js>; rel="canonical"
x-sorting-hat-podid: 112

GET
H2 200 css
fonts.googleapis.com/ 11 KB
917 B 216ms
51ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

c7da790b85b438239398e46c9872bf2771a48a8d30885286425e13dec3946133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 02:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 02:59:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 02:59:12 GMT

GET
H2 200 styles.scss.css
shop.hak5.org/cdn/shop/t/57/assets/ 155 KB
30 KB 45ms
38ms Stylesheet
text/css 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/shop/t/57/assets/styles.scss.css?v=39121934190423622991700362668

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a68d5cdbe7e2978bfad30044a9521c7bed561cd62a300ac1fdc6d37c5d02efa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 1930629
content-encoding: br
server-timing: imagery;dur=1049.833, imageryFetch;dur=62.531, imageryProcess;dur=961.374;desc="scss", cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 3d7a8af2-a07f-44c8-9327-d08534e2b7e4
last-modified: Wed, 29 Nov 2023 07:09:40 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tudDas0H%2FfWEl1v8K0E49Vl8AgJPAOQiZ8Ts53fnjO1wUvcTT%2FKzGw4QpAdIQuHpaUOXdYDj8FDjf9UcU7mWEfoIl6XVDzueL%2FT1RwkZNbMs9y1v34zYd1K4nxxsfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8442245f9dac713f-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/57/assets/styles.scss.css>; rel="canonical"
x-sorting-hat-podid: 112

GET
H3 200 preloads.js Show response
shop.hak5.org/checkouts/internal/ 3 KB
2 KB 45ms
44ms Script
application/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

540039b18a51e4ea1dc906b958f5af212d13fa30cd4fd2b8c76f9f5d61b7b69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmCj1EWIJqenUkmfZZH6%2FmN3ukALZU%2Br6xivkTd7eMjP3eQQ1Pam8JiivrclNQEXsAP2OHyxeoDeeI5FF6DZbdnTEAps49KJIyqWH278MN9iiB2fDSZna39btUNFBRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; encoding=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
server-timing: cfRequestDuration;dur=18.999815
timing-allow-origin: *
cf-ray: 8442246118267133-YUL
alt-svc: h3=":443"; ma=86400

GET
H3 200 load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js Show response
shop.hak5.org/cdn/shopifycloud/shopify/assets/storefront/ 12 KB
4 KB 44ms
36ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 7760
content-encoding: br
server-timing: imagery;dur=21.921, imageryFetch;dur=21.235, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 581b3ddd-fe05-4b44-95ba-5423be3c1cf1
last-modified: Fri, 12 Jan 2024 00:49:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2w3M1qILO4KnzQRHHdu8MdzFUYP6OPhk5xuUXrLnO6Bwd7WiTekEA%2B3K0y3%2FSD3p%2F9RAs4hu2dskoL7ptehtgP6%2F4B4tqknCRuzckarRzoBaoG5Rwqi71yHA7%2FExBYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 8442246158817133-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js Show response
shop.hak5.org/cdn/shopifycloud/shopify/assets/shopify_pay/ 49 KB
19 KB 71ms
62ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 16485
content-encoding: br
server-timing: imagery;dur=106.470, imageryFetch;dur=27.660, cfRequestDuration;dur=11.000156
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 629d54d5-1e7a-4125-b007-e2c6fafab053
last-modified: Thu, 16 Nov 2023 20:27:35 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVOPBeQgqIX3MbfS53t6Z3M1xeGeLighaVyxLEuxB%2BtLfd6GUa1zlrreeFg%2BE6E5EO9TWecRR55QST6AKvijkzzol9E34ZQHWNddcWM5PnX%2FN8Pl42WH9M7AcrFAn7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 8442246158827133-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js Show response
shop.hak5.org/cdn/shopifycloud/shopify/assets/storefront/ 37 KB
14 KB 95ms
87ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 12115
content-encoding: br
server-timing: imagery;dur=151.511, imageryFetch;dur=26.945, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 06335951-4c27-4ccc-8dfd-8614c00b4041
last-modified: Thu, 11 Jan 2024 23:37:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0VcCosChJ8%2FYcbWI8hwH5rZpahqWmoshyyfCN95gdCU%2Bts3oheTch5BhCvi20yUnsuICCkzlSooLnwgH8gMtXRTxdItCf366oZQnBaDpBEAQWa0gQ%2FynSoJ3anqZig%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 8442246158837133-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 218ms
54ms Script
text/javascript 172.253.122.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f99.1e100.net

Software

GSE /

Resource Hash

c0a8f2cd747b6b9cd15d4007388817291906a6b8b1c70b2bc39a64e603809b77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 02:59:12 GMT

GET
H2 200 jquery.mCustomScrollbar.css
cdn.shopify.com/s/files/1/0068/2142/t/32/assets/ 42 KB
5 KB 57ms
51ms Stylesheet
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/32/assets/jquery.mCustomScrollbar.css

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

1397ad083167363d53f45b76986491251b67b23c2a0e081a5afe752d56b264fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 6108346
content-encoding: br
server-timing: imagery;dur=25.256, imageryFetch;dur=20.583, cfRequestDuration;dur=14.999866
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 92a43ee2-1762-45c8-95da-deda3eb3291b
last-modified: Thu, 02 Nov 2023 10:11:30 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clTTagobXmuWnGqBFjVEDyKwaPq%2BaQ%2FDNgvYt11lyKXUUwrXgXAnXD9K75GK6uWAyeDpU1n7UkTPz2HaSlY%2FVgrQIb4RhkfYyvl9dk9bKgndGNjLHKAS0w4%2B%2BepOupcguw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/32/assets/jquery.mCustomScrollbar.css>; rel="canonical"
cf-ray: 8442245f9dcb39f8-YYZ

GET
H2 200 playlist_bottom.css
cdn.shopify.com/s/files/1/0068/2142/t/32/assets/ 3 KB
1 KB 39ms
32ms Stylesheet
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/32/assets/playlist_bottom.css

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

bf8228700ceab203fba24c97e18efa5fdb37cbdbb0d258164f47e760ab36b6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 119550
content-encoding: br
server-timing: imagery;dur=54.312, imageryFetch;dur=53.074, cfRequestDuration;dur=14.999866
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8d5b5c07-c847-422d-ae55-46b8e28354e4
last-modified: Wed, 29 Nov 2023 08:58:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1x2noydMp94in2cAzaBP0hqKzqw7UfXAh1yyQWd%2FaE3Jw8UaQN7B5spihuhSmr%2BxPCSgbI1%2BAg%2BHh%2B3I%2BtsyqtBzH%2FgN1Fqi3nwYPciikGJpcjzeX1vjAPgVKsimROhAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/32/assets/playlist_bottom.css>; rel="canonical"
cf-ray: 8442245f9dce39f8-YYZ

GET
H2 200 jquery.mCustomScrollbar.concat.min.js Show response
cdn.shopify.com/s/files/1/0068/2142/t/32/assets/ 44 KB
13 KB 63ms
57ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/32/assets/jquery.mCustomScrollbar.concat.min.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 15971
content-encoding: br
server-timing: imagery;dur=111.148, imageryFetch;dur=84.805, cfRequestDuration;dur=16.999960
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 454f9370-0ea9-485d-a289-08b1e4567d95
last-modified: Thu, 11 Jan 2024 22:31:58 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKMrftNfkBBCfEOhOUQ72CLkB8hCs3mAvatN5FSX%2F5A0E2itV9txIWeGKhkBkvXkoCWbtULXed2HJXgL5HstY2rnFkyDGTItDOCU70mSlw5lhtddDeTwvpG2Mgydf6O0BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/32/assets/jquery.mCustomScrollbar.concat.min.js>; rel="canonical"
cf-ray: 8442245f9dd639f8-YYZ

GET
H2 200 jquery.dotdotdot.min.js Show response
cdn.shopify.com/s/files/1/0068/2142/t/32/assets/ 6 KB
3 KB 63ms
57ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/32/assets/jquery.dotdotdot.min.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

a0bb8cec018f9f3fb84eea9cf2559b224ed8b9dfba4e61e290af509500174962

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 11659
content-encoding: br
server-timing: imagery;dur=69.335, imageryFetch;dur=68.594, cfRequestDuration;dur=15.999794
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b0003c4f-73c7-4297-988d-7cf1726051a3
last-modified: Thu, 11 Jan 2024 23:27:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWpp2IhrWJdH3akqRxbvk7bNDmkHEjnHQf1kfLzf8A26FxTD97LSHKyVQlE9Sg7Lqg%2Fk1EkGLafdtkVDLzEooSBKKxhocJJ3ugiEQsZLbfuS945ykxicYyhzFQRQhOetFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/32/assets/jquery.dotdotdot.min.js>; rel="canonical"
cf-ray: 8442245f9dd739f8-YYZ

GET
H2 200 new.js Show response
cdn.shopify.com/s/files/1/0068/2142/t/32/assets/ 32 KB
11 KB 37ms
32ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/32/assets/new.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

09c8ce1a6512d65da04c187053a1b8f845834fa58085a75db69581c06e732768

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 17968
content-encoding: br
server-timing: imagery;dur=75.275, imageryFetch;dur=65.137, cfRequestDuration;dur=12.999773
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9b96d05d-7bf2-46f2-985c-27a02ff36b64
last-modified: Thu, 11 Jan 2024 21:42:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpEf%2F%2BTSmIMeTVcSYQAW%2F84zUclqWChuAuM%2FApND2tpBeJMOEEBKeQmED6ugeh4%2FACMiGu1%2FPsCxEP4gzpguSBjx%2F9u2BcR%2FVxadVx67Rge6UHvbH0m0LQbLGJlpOrGT1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/32/assets/new.js>; rel="canonical"
cf-ray: 8442245f9dd939f8-YYZ

GET
H2 200 video-js.css
vjs.zencdn.net/7.8.4/ 44 KB
11 KB 175ms
17ms Stylesheet
text/css 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.8.4/video-js.css
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5ead814b213a977667a2d801ed60313d28ad913178384faf945b4b9859a6cccc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by: cache-yyz4541-YYZ
date: Fri, 12 Jan 2024 02:59:12 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 20:29:36 GMT
etag: "397a94bb87dfd0a64ba4d3d502912e4a"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 10738
x-cache-hits: 66

GET
H2 200 videojs-ie8.min.js Show response
vjs.zencdn.net/ie8/1.1.2/ 27 KB
9 KB 175ms
18ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/ie8/1.1.2/videojs-ie8.min.js
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by: cache-yyz4541-YYZ
date: Fri, 12 Jan 2024 02:59:12 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2016 20:27:09 GMT
etag: "2ff9bb22f0b1789ac170247b0825488f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 8924
x-cache-hits: 1807

GET
H2

200

index.css
unpkg.com/@videojs/themes@1.0.1/dist/forest/
Redirect Chain

https://unpkg.com/@videojs/themes@1/dist/forest/index.css
https://unpkg.com/@videojs/themes@1.0.1/dist/forest/index.css

5 KB
1 KB

28ms
27ms

Stylesheet
text/css

104.16.125.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@videojs/themes@1.0.1/dist/forest/index.css

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Server

104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85ea9da0a74f01fd6b4d7949be984a901049af62bf5d84208310f506dd3fab79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3782874
last-modified: Wed, 28 Oct 2020 04:24:35 GMT
fly-request-id: 01HGD23R7B97EQ17SR7J8M7CCE-yyz
server: cloudflare
etag: W/"1261-TREtap8czYudjMboZWzHkoZFOgs"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84422460c82139f8-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HKXSF493TSCHS5EPXZHCFGC2-yyz
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 289
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@videojs/themes@1.0.1/dist/forest/index.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 844224609fc139f8-YYZ

GET
H2 200 css
fonts.googleapis.com/ 25 KB
2 KB 207ms
45ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Manjari:400,700|Nunito:300,400,600,700,800|Roboto:300,400,500,700,900&display=swap

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

d48e730d486442e62bffc6a3f974a1dc471aed6aabb79a34319fa4ef749d12e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 02:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 02:43:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 02:59:12 GMT

GET
H2 200 re-order.css
reorder-master.hulkapps.com/css/ 10 KB
3 KB 191ms
30ms Stylesheet
text/css 104.26.4.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://reorder-master.hulkapps.com/css/re-order.css?v=2022-11-18%2023:02:07

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98a40cf80aa5bfade5c0dc85598b1764f38307c556763460075beaf7933991af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2753
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Wed, 10 Jan 2024 11:25:52 GMT
server: cloudflare
etag: W/"659e7ec0-28f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfKP5xHMIW6R0CRus0bCuU4q1dNsteDL3dS0oGcH97HdlQGRuPr0ZaoaWtw8DiSLri4z4UWH79b58ZV6Ra58RuQek4UDypI71c4XWaZ2%2B%2BQLwCzxZjgq87DzHIC7l8lSLbl7%2FP2capLFwwNmbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84422460989ca24c-YYZ

GET
H2 200 scriptTag.js Show response
spa.spicegems.com/js/src/latest/hakshop.myshopify.com/ 152 KB
36 KB 787ms
258ms Script
application/javascript 172.104.173.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://spa.spicegems.com/js/src/latest/hakshop.myshopify.com/scriptTag.js?shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.104.173.243 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1764-243.members.linode.com
Software: nginx /
Resource Hash: 9471209acb1fa53c10480ba192b56b2729a3ba5cfe0c78934c7cc3bc404b09e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
content-encoding: gzip
last-modified: Wed, 13 Sep 2023 23:09:33 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
expires: Fri, 12 Jan 2024 03:04:12 GMT

GET
H2 200 revicons.woff
cdn.shopify.com/s/files/1/0068/2142/t/60/assets/ 6 KB
7 KB 35ms
31ms Font
font/woff2 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/revicons.woff?5510888

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

7571376bf98e89037bb1158983f35eeab3f4f449cb970a6809d7100230004afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 3765166
server-timing: imagery;dur=103.347, imageryFetch;dur=61.626, imageryProcess;dur=41.178;desc="font", cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
content-length: 6252
x-xss-protection: 1; mode=block
x-request-id: 971bdb65-0edd-41c5-a998-1bd25c4e05c7
last-modified: Fri, 10 Nov 2023 12:47:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFlUJHzZ8G124U2Gh4DWEg4o2egKEOxivznep5%2B0w%2BjOtrj%2FSHk9RbooV0tfizW0C%2F1QA81HbD210t%2FFkee5rTM1IitcGGjBiSEMFwqmDiZ2lITkFwj%2By%2BvmbD13K5sRcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/revicons.woff>; rel="canonical"
cf-ray: 8442245f9dcc39f8-YYZ

GET
H2 200 fontawesome-webfont.woff2
cdn.shopify.com/s/files/1/0068/2142/t/60/assets/ 75 KB
76 KB 39ms
36ms Font
font/woff2 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 3608852
server-timing: imagery;dur=43.938, imageryFetch;dur=43.626, cfRequestDuration;dur=16.999960
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
x-request-id: 7ffa128d-7cc4-4a84-b5cb-c96728a41b07
last-modified: Tue, 28 Nov 2023 11:56:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIpCllb1EJ6XDr3V6EdWO5CkqDjj1sH7wd4L8ygBdUDqfhO8gllK7Q0RAx%2FxH0d0w2WHn0y2uILsjRxxa6Rj%2BB34ZN0FsBuu4ohv3h5hXergENjf00ZzEOhPGq%2B6fFSUww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/fontawesome-webfont.woff2>; rel="canonical"
cf-ray: 8442245f9dd039f8-YYZ

GET
H2 200 font-awesome.css
cdn.shopify.com/s/files/1/0068/2142/t/60/assets/ 30 KB
7 KB 37ms
34ms Stylesheet
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/font-awesome.css?6.5.6.10

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

0ec592637d07f43de8601aa80623f3a985e43ee2728c9a4dffe25f4bcd7c3e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 3865046
content-encoding: br
server-timing: imagery;dur=167.454, imageryFetch;dur=161.876, cfRequestDuration;dur=14.999866
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9b0f9f0e-5f27-43ea-88df-ed7d6042ebf6
last-modified: Fri, 10 Nov 2023 11:12:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yYi2XrqdUMXtFscSU%2BdVYmAjz8tGuoTH3YlqhFf8%2FZax5jrpLP88oV7ePs8toUfbClRXw%2Bsih%2FFzT%2FZazG1D7xcTeUMlwcuU77cQd74akLYCBqBnZhJiLS9FhqitDLReQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/font-awesome.css>; rel="canonical"
cf-ray: 8442245f9dd139f8-YYZ

GET
H2 200 pe-icon-7-stroke.css
cdn.shopify.com/s/files/1/0068/2142/t/60/assets/ 8 KB
2 KB 36ms
33ms Stylesheet
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/pe-icon-7-stroke.css?6.5.6.10

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

b42e5c574240c0ad0e7586afcf6082367079ee8a684ac011c243cdf8e499f2c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 3696664
content-encoding: br
server-timing: imagery;dur=72.055, imageryFetch;dur=69.547, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 423cea91-b184-4d73-aadb-4ff46741b99a
last-modified: Thu, 02 Nov 2023 07:09:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbhWnxsOZAY58xRbi8TkY3L3rzmcy95npvzIfrnM%2FHVaznEaWxt2tBWlz0a4P%2B2ZIyE%2Bngm8VVjCQtDBGohts1QaBvmsiFp4Y%2B94ZmUEPjTE5Kb5YG50r59I%2BD%2FwzwxLMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/pe-icon-7-stroke.css>; rel="canonical"
cf-ray: 8442245f9dd239f8-YYZ

GET
H2 200 rs6.css
cdn.shopify.com/s/files/1/0068/2142/t/60/assets/ 48 KB
10 KB 55ms
53ms Stylesheet
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/rs6.css?6.5.6.10

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

9b43d97dfc62108ca01bffeb8601e812ef9fa6c2355ff53af29d66903ed8bd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 3683846
content-encoding: br
server-timing: imagery;dur=89.701, imageryFetch;dur=83.145, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: cd3f0088-34ef-4336-98b9-41292d51deef
last-modified: Thu, 02 Nov 2023 03:12:55 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvsTg7AlqNhON8yqPJi9wBf3HnyQZ%2FFm9QLhydNBNCXR0e9Wuqic8Oxcye56OP0MypmxVR0O8EgqBiSsa9GNZRGeWaM3hVsaU91TlaU6Yh%2FtaD1YkZke8BzE2wITH7GlGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/rs6.css>; rel="canonical"
cf-ray: 8442245f9dd539f8-YYZ

GET
H2 200 loader.js Show response
cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/ 1 KB
1 KB 52ms
41ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/loader.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

009912a961c667c55dec13ee2dd8865f78a337ca5ae3b1b4f6843d59d59b5046

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 19242
content-encoding: br
server-timing: imagery;dur=23.864, imageryFetch;dur=23.271, cfRequestDuration;dur=22.000074
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: db385027-ba4a-49af-8cf6-347cb45663a3
last-modified: Thu, 11 Jan 2024 21:38:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hw4RMlj68HL1mQHPoK%2FSCDBGP9opDhWL9zUKbgJyFYlE72fcBgkDxX3xyY8L8%2BNd%2FPeS%2FW2QvQGwCAXHLS%2FdGf10Na7jCfFMPQxobXrWCqFeh%2FXDvf7B3M4MpzRls3iOKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/loader.js>; rel="canonical"
cf-ray: 84422461593639f8-YYZ

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 123ms
37ms Script
text/javascript 142.250.31.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.138 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jan 2024 01:47:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4324
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Jan 2024 03:47:08 GMT

GET
H2 200 logo2_mobile_hak5_410x.png
shop.hak5.org/cdn/shop/files/ 3 KB
4 KB 49ms
47ms Image
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/files/logo2_mobile_hak5_410x.png?v=1613786566

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ceb2c756a101dce483659e2e6113db2ea54dcc03f23b0cd65a2b42771b88c2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 2358688
source-type: image/png
server-timing: imagery;dur=161.623, imageryFetch;dur=68.462, imageryProcess;dur=92.397;desc="image", cfRequestDuration;dur=19.000053
source-length: 6196
content-length: 3540
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: db8d0871-95a8-434c-9818-6da5f05f7f52
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 11:13:05 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80IAdd5AA%2FAl%2Bp2Z0dpuNCj6IwPBbwrferm7YIM%2BXC0ruTLugfkW8q4Y79Xym2atGRDiYllnxi2Maw6pBQy2ud3junyZi6TJ5Z3xhzs4t7Bnd5UZNTxwKe5qufOnF8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442245f9dae713f-YUL
x-sorting-hat-podid: 112

GET
H2 200 logo_b_hak5_410x.png
shop.hak5.org/cdn/shop/files/ 9 KB
9 KB 40ms
39ms Image
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/files/logo_b_hak5_410x.png?v=1613786565

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

5b68208c4636faea00d93ea7ae55d5a127f4c16b9ad58ee90309bde4db0c89c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 4219503
source-type: image/png
server-timing: imagery;dur=927.044, imageryFetch;dur=27.852, imageryProcess;dur=898.369;desc="image", cfRequestDuration;dur=13.999939
source-length: 22840
content-length: 9112
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 4ef34379-31ec-4c9d-aec0-a18a49512603
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 12:45:11 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u73qLMTjdYysT2Ik4sNTnEVguM12zZD1ODSTgHYPl9HSZ4g%2Btb8RER1hH7cPxNN8w%2BWQlLqXgnzHkQJ4TJmQimCHoWkPYCvC0wc1qHIKLUksrOo8aPx4frTU2g%2BTAok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442245f9daf713f-YUL
x-sorting-hat-podid: 112

GET
H2 200 logo1_hak5_410x.png
shop.hak5.org/cdn/shop/files/ 4 KB
4 KB 39ms
38ms Image
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/files/logo1_hak5_410x.png?v=1613786565

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

689d6a2049d211c9d87edf8398c44685443eab718c3fb6e6c18898ba4f8103e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 4386198
source-type: image/png
server-timing: imagery;dur=476.851, imageryFetch;dur=42.332, imageryProcess;dur=433.528;desc="image", cfRequestDuration;dur=13.999939
source-length: 7442
content-length: 3839
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: c0eb947d-1897-4565-bfcb-cc995b9de4e9
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 11:17:13 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWsb2Uzx50VwGDdYmbl1yPzluw4mCzGJMl1SvhaSVAXYWwz68WjcxOEA5vJ%2FIVuEoYkxKAi7RTFKDmYfN76kYU%2Bsy7AhV0BqkzhiACE2jVr2rrw3Qy2aYOoN%2BcUCXYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442245fde08713f-YUL
x-sorting-hat-podid: 112

GET
H2 200 logo1_hak5_410x-png_500x.png
shop.hak5.org/cdn/shop/files/ 4 KB
4 KB 39ms
38ms Image
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/files/logo1_hak5_410x-png_500x.png?v=1667700144

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

c6db6f9ad903738eb506d549986c6a0298335ce1501ee3eb7989f078b64d60f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 2358689
source-type: image/png
server-timing: imagery;dur=414.136, imageryFetch;dur=80.336, imageryProcess;dur=333.032;desc="image", cfRequestDuration;dur=13.000011
source-length: 5554
content-length: 3842
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 2aba468e-1f4a-44ac-bf76-151419ad950f
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 11:01:58 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvW3Z7CmK7o6EfC%2BF71ifmwkbgwudus7SG3%2FkMshFoGX2%2F8qDILhw6LLBELEDDHoc%2FMEcWGBA2BVT8i1u5WSbwIPcU1OJZqSBqhKua3bMblORis%2BMu2WBpqvhjhhMWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442245fee1d713f-YUL
x-sorting-hat-podid: 112

GET
H3 200 payloadhub_ebc9a8ff-ef10-429b-aceb-34aeb597e099_500x.png
shop.hak5.org/cdn/shop/files/ 1 KB
2 KB 95ms
88ms Image
image/png 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/files/payloadhub_ebc9a8ff-ef10-429b-aceb-34aeb597e099_500x.png?v=1671652978

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

66b76a09eaeeeae1266ba2f0d9a851fce89d3fa70459d3c0e76523a3019b2658

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 598885
source-type: image/png
server-timing: imagery;dur=67.090, imageryFetch;dur=39.447, imageryProcess;dur=26.659;desc="image", cfRequestDuration;dur=11.999846
source-length: 1187
content-length: 1298
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: b81bdabc-796f-4976-8198-0b7e6fb98657
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 08:58:11 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhQshhmksOUGxd5tAldoYyRPHvbEib0tqMSH5UhGulKhoymf4jDqkgoPf8mjt6JCBMgdlq35Bbts6mg6CNxFYP6NftAz5zlLr5ab%2BmOXg%2Fk6Pnh2%2B50QuS6aOtwpZZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442246158847133-YUL
x-sorting-hat-podid: 112

GET
H3 200 payloadstudio_500x.png
shop.hak5.org/cdn/shop/files/ 1 KB
2 KB 95ms
88ms Image
image/png 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/files/payloadstudio_500x.png?v=1671652943

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6555c9df5b1656f9dc3dc70ff21a8becc0d2cb34d5b051541726ee62dcf871c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 4376254
source-type: image/png
server-timing: imagery;dur=69.586, imageryFetch;dur=32.545, imageryProcess;dur=35.302;desc="image", cfRequestDuration;dur=13.000011
source-length: 1154
content-length: 1265
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 8621ae4c-f8dc-4f74-87d1-467ae2a8af8f
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 07:28:15 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yd3olBifHrEDnx6%2Bmpfsec75kXjOz9lan4RnJQG3Z9IZh0dJuFmcQJD2UzvECKxCRERXrkinkkwAfncpu%2B%2F58QDEX5d2lDpBf5OU9zhpCGRzQGrjYe%2BYpCx6byiLOns%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442246158857133-YUL
x-sorting-hat-podid: 112

GET
H3 200 award2_500x.png
shop.hak5.org/cdn/shop/files/ 900 B
2 KB 95ms
88ms Image
image/png 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/files/award2_500x.png?v=1671652725

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

88b2bee2a31cadca5cdf0d64a403ace4064209a9ae3a1289e22eddac9d485b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 4376254
source-type: image/png
server-timing: imagery;dur=83.976, imageryFetch;dur=67.162, imageryProcess;dur=16.089;desc="image", cfRequestDuration;dur=13.999939
source-length: 789
content-length: 900
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 1bc3698c-ba25-4e01-ba7b-63c43ba54b27
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Nov 2023 07:18:46 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzeaaKlu7xoOyhL9jjg9uzLlmQhnbSc54hlKznRQYKp8n%2FDbG70YFKKf3YXsXLms3eYsNLmmoe7jpF7xDXamyQxHs8uaotf08jauj%2FvyEHlX2cVj3DlPJFD1%2FVILa88%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442246158867133-YUL
x-sorting-hat-podid: 112

GET
H3 200 onlinecourse_500x.png
shop.hak5.org/cdn/shop/files/ 2 KB
2 KB 95ms
88ms Image
image/png 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/files/onlinecourse_500x.png?v=1671653928

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

1856acd75bfcf49dfb2c8c032430f34e95cbe18544c55f58d126ec38087fb29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 4204968
source-type: image/png
server-timing: imagery;dur=123.396, imageryFetch;dur=67.748, imageryProcess;dur=52.722;desc="image", cfRequestDuration;dur=12.000084
source-length: 1579
content-length: 1690
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 16d7d2b7-b30f-4010-bfb2-9fc7e2d9a074
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 Nov 2023 07:17:03 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cq7%2FrXhNvZK%2Be1iErCNrkrzRsOw80zhBFKCgIN8WnF9Nu9LXYpfhZgTTrtw%2FgM34vpiA5TfygvAuaKId02tADQprmj6UlZ4fAkkTbr%2FCMOPk0vQs%2FoqCaK1hi%2BjfqVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442246158887133-YUL
x-sorting-hat-podid: 112

GET
H3 200 youtube_500x.png
shop.hak5.org/cdn/shop/files/ 525 B
1 KB 96ms
89ms Image
image/png 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/files/youtube_500x.png?v=1671654225

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

908efc7e1dbea8cfb7cba831698fffb3146b5d9aecb6597991ea1de938547cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 4201664
source-type: image/png
server-timing: imagery;dur=135.102, imageryFetch;dur=96.404, imageryProcess;dur=37.344;desc="image", cfRequestDuration;dur=23.000002
source-length: 414
content-length: 525
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: f3d5a610-67d4-4e04-bb32-e3d1efd703fb
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 10:20:28 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNP%2F4nv%2BIMX53myvoVpBLVjM8RfwIUK9c8JMzz6J7nP0P8hyIzWL2iy%2FKmKtjd53hJ0pdJcNVLsnkY6wbhgqmjEkZl1UpvDnr1lS23l4vtjOC05T6ABSJj%2BolTwqA9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442246158897133-YUL
x-sorting-hat-podid: 112

GET
H2 200 payloadhub.png
cdn.shopify.com/s/files/1/0068/2142/files/ 3 KB
4 KB 53ms
44ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/payloadhub.png?v=1652474600

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

20d5b9348cf1331c646dcad8dfb52165a6a06685e094af5dbcfd347c3805d05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 447077
source-type: image/png
server-timing: imagery;dur=201.560, imageryFetch;dur=81.976, imageryProcess;dur=118.473;desc="image", cfRequestDuration;dur=25.999784
source-length: 5196
content-length: 2880
x-xss-protection: 1; mode=block
x-request-id: 1c638eab-ff4d-40a0-bcbe-84839ffc531d
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 12:09:55 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48jwlIVDyrPZ45w7FkORHr3xrnZZWfDCrlE7fag8B%2BFqs%2FsL70IXgPm%2F8K5%2Fr6jOfBHMx9CTLwKqaElSSHEir%2FiirPa9WP6WwhlrcWiZRxhvp2UWGsGWS903pq0sv14pzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/payloadhub.png>; rel="canonical"
cf-ray: 84422461593939f8-YYZ

GET
H3 200 omg-exfiltration_f4c541f8-5b19-4203-ae10-b1ded73b2b07_2048x.progressive.png.jpg
shop.hak5.org/cdn/shop/articles/ 19 KB
20 KB 95ms
89ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/articles/omg-exfiltration_f4c541f8-5b19-4203-ae10-b1ded73b2b07_2048x.progressive.png.jpg?v=1686077928

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

1fce8635ace56ca98846248e9954613b279dafe2d87bdd8028b1406de27ee67f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 129962
source-type: image/png
server-timing: imagery;dur=260.770, imageryFetch;dur=50.625, imageryProcess;dur=209.004;desc="image", cfRequestDuration;dur=13.000011
source-length: 42473
content-length: 19700
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 0cd7c22b-f124-4ed3-9e63-7a30b2f852b2
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Jan 2024 14:53:10 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsfPLVC7Tl7fZLA5EFGe%2FKoDI8n4MtWNZQPaLwI1HWWGIbLF9QvfIH348dQddA5zK68EX3nm%2Bk%2FXcPWWn5%2BR2wORoem6lK3bGfcdglSc8v%2BT8%2BUya0BPIcfjzA5I9c0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84422461588b7133-YUL
x-sorting-hat-podid: 112

GET
H2 200 info.png
cdn.shopify.com/s/files/1/0068/2142/files/ 805 B
1 KB 56ms
48ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/info.png?v=1642184410

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

d98c02bd9e50038d4e94da8a19dd34c9f6443cc310303019eec3a5c8653c8761

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 447077
source-type: image/png
server-timing: imagery;dur=190.579, imageryFetch;dur=96.699, imageryProcess;dur=42.812;desc="image", cfRequestDuration;dur=31.000137
source-length: 1512
content-length: 805
x-xss-protection: 1; mode=block
x-request-id: ebd3d135-5f5b-461e-bb39-6022ae06d2df
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 05:45:34 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oz%2FBFONDGcAnAYUmFjUFLenEyBlnZ8i1zixd%2FzK4LOLr8fPQIZnU8dGiQHcEfG7fsG4rSEEsU76GTsJAVjrHteIwXc00%2BTPmS0LtkBPZh2cnYyy4cZbZzxvMyia30D0OtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/info.png>; rel="canonical"
cf-ray: 84422461593b39f8-YYZ

GET
H2 200 OMGCable-Lightning-square_7ae1f633-89e1-4b65-9318-acb59a4555d8_200x.jpg
cdn.shopify.com/s/files/1/0068/2142/products/ 7 KB
8 KB 68ms
60ms Image
image/avif 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/products/OMGCable-Lightning-square_7ae1f633-89e1-4b65-9318-acb59a4555d8_200x.jpg

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

3dc8423242bf24ff2c557603320b50dbc6bb45b24f5d41c5f912356a17319b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
source-type: image/jpeg
server-timing: imagery;dur=479.480, imageryFetch;dur=92.690, imageryProcess;dur=375.491;desc="image", cfRequestDuration;dur=42.000055
source-length: 246860
content-length: 7609
x-xss-protection: 1; mode=block
x-request-id: a27142e6-789e-40fd-b1f5-ed06ae7e4e69
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 10 Nov 2023 14:16:30 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEaae2EgFssNdL7Jz3nBLojT6nMVY4rG7tdI2CrkjBPCY6rGH7J%2Bi0cn%2F%2FRZ0JX%2FhbrAGZMdQ7nmA6VS54Qsx%2Fe1QjRzFTp646oRrOFNDfIhNN%2FdfkyWxbr54IjRBOCdBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/products/OMGCable-Lightning-square_7ae1f633-89e1-4b65-9318-acb59a4555d8_200x.jpg>; rel="canonical"
cf-ray: 84422461593e39f8-YYZ

GET
H3 200 usb_rubber_ducky-exfiltration_ae8aa9f5-fc74-43d0-932a-4144247de1f0_large.png
shop.hak5.org/cdn/shop/articles/ 10 KB
11 KB 114ms
109ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/articles/usb_rubber_ducky-exfiltration_ae8aa9f5-fc74-43d0-932a-4144247de1f0_large.png?v=1686358775

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e5547ed44548a7f30bdc2326fee65cfb3f7a46b70baeb83c26e67ad9f7a484cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 359106
source-type: image/png
server-timing: imagery;dur=192.624, imageryFetch;dur=66.092, imageryProcess;dur=125.528;desc="image", cfRequestDuration;dur=16.999960
source-length: 55734
content-length: 10146
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 2e3433e1-22d4-471f-b684-fe0da461ddc9
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:34:55 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNHAMwotJTsivzY5XDYcwu1KJrbfDYI5MHQpKRQfbJK8abv4yOdce70i8UxVCn6cuykTmXWOYkDflBU1oFLoCpo7ZR7pdpHcRL4%2FwwgXPTl8Ep3L7rkkPtrmQDd0uaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84422461588e7133-YUL
x-sorting-hat-podid: 112

GET
H3 200 usb_rubber_ducky-execution_801d0a46-1a0c-4de2-8ff9-923d15d20e69_large.png
shop.hak5.org/cdn/shop/articles/ 9 KB
10 KB 115ms
110ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/articles/usb_rubber_ducky-execution_801d0a46-1a0c-4de2-8ff9-923d15d20e69_large.png?v=1686356739

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4060461c3907e6aa08db06e724165af7ed8fe7a7fe049ecc1eed72a6ea72b232

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 359106
source-type: image/png
server-timing: imagery;dur=238.059, imageryFetch;dur=105.772, imageryProcess;dur=128.481;desc="image", cfRequestDuration;dur=15.999794
source-length: 56311
content-length: 9374
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: cc6afb19-eb7b-4f35-ad66-0d74b50116fd
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Dec 2023 17:34:57 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lV6EmiVfaeys%2B4bG82fJPC4r6bntk9kg%2FTqljSI%2FdDa%2BsoSVHIOxcShPiI15x01zMwvo8ee8xyNWJmj5vhtboWcKLcO9KowXGH9mldJqxuJ7xr4IAaHs9moRikoEiqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84422461588f7133-YUL
x-sorting-hat-podid: 112

GET
H3 200 usb_rubber_ducky-execution_d99a0d5a-7a1c-4d3c-9c41-f7d5a9f65db2_large.png
shop.hak5.org/cdn/shop/articles/ 9 KB
10 KB 116ms
111ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/articles/usb_rubber_ducky-execution_d99a0d5a-7a1c-4d3c-9c41-f7d5a9f65db2_large.png?v=1686358660

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4060461c3907e6aa08db06e724165af7ed8fe7a7fe049ecc1eed72a6ea72b232

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 334945
source-type: image/png
server-timing: imagery;dur=190.933, imageryFetch;dur=40.007, imageryProcess;dur=150.112;desc="image", cfRequestDuration;dur=15.000105
source-length: 56311
content-length: 9374
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 78326b68-1e08-42eb-8a1d-8a72088e5ff9
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 22:31:38 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOgmMsWuxc7RmsqejZYWbUJsbiaPH81eKdH6OXgIFnrOIunPrD5vHBIHR5sQcw%2Fs%2F51XgD4gT4OlFa0V6uwXSBQHV3hHXVcksqrVhRasgRDT%2Fe44hijYuqevk7TN3Hw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442246158907133-YUL
x-sorting-hat-podid: 112

GET
H2 200 leaderboard2.png
cdn.shopify.com/s/files/1/0068/2142/files/ 434 B
1 KB 46ms
40ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/leaderboard2.png?v=1652476348

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

40e627d744439b9fe3d856c10032a5c3494a66593f32eb0e9e84da3b956428ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 3395170
source-type: image/png
server-timing: imagery;dur=56.977, imageryFetch;dur=32.314, imageryProcess;dur=23.105;desc="image", cfRequestDuration;dur=22.000074
source-length: 323
content-length: 434
x-xss-protection: 1; mode=block
x-request-id: 95f80c34-3808-422e-95f0-a1ab6e66d0ad
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 10 Nov 2023 07:50:48 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAbtOTWrS2q%2FAeE9lCirYRrcc7JDvlKyLE7YcEHL5XQRPrei9wnuQW%2FKwbkpfHod5EW1ullVsev8SWAAoCRDSPAeWXfAhxLvw0xd6wC1iPlbMtPg%2FpVeoPjSDuAgznTR2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/leaderboard2.png>; rel="canonical"
cf-ray: 84422461594039f8-YYZ

GET
H2 200 award_529a31c9-dd20-45ae-9781-90ce5c67a914.png
cdn.shopify.com/s/files/1/0068/2142/files/ 574 B
1 KB 56ms
50ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/award_529a31c9-dd20-45ae-9781-90ce5c67a914.png?v=1652476691

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

7dcaeeb68e985951a2c4333393623a6f8aa09a2342175baeb5961649d15e826b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 553318
source-type: image/png
server-timing: imagery;dur=154.016, imageryFetch;dur=132.669, imageryProcess;dur=19.292;desc="image", cfRequestDuration;dur=32.000065
source-length: 463
content-length: 574
x-xss-protection: 1; mode=block
x-request-id: 07364cdc-f8fc-4158-9836-8417acd73b98
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 14:30:47 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LimxZeITq5t4U8V4RoQx1dL2Sxng6R3lWEFmdAfNimCzcrFInQUOTeqtpheCfdA6pOdihCnn5nxxpiILpq5KtSNikgpjTMU2FGgvisO%2FYCVk7IOX%2FHCfx9mI42fP2UBWyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/award_529a31c9-dd20-45ae-9781-90ce5c67a914.png>; rel="canonical"
cf-ray: 84422461594139f8-YYZ

GET
H2 200 crown_b53abe4f-0fcb-42d6-9208-a6f9ad17292c.png
cdn.shopify.com/s/files/1/0068/2142/files/ 459 B
1009 B 47ms
41ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/crown_b53abe4f-0fcb-42d6-9208-a6f9ad17292c.png?v=1652479178

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

6df208545c891a217683b04e0569b7020f7d080d34fde13c601d54b0deb87672

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 3395170
source-type: image/png
server-timing: imagery;dur=90.118, imageryFetch;dur=73.749, imageryProcess;dur=15.682;desc="image", cfRequestDuration;dur=21.999836
source-length: 348
content-length: 459
x-xss-protection: 1; mode=block
x-request-id: fc6dbb34-410f-46ac-b517-76b599d3c6f2
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 13:14:31 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMq07umoSy44v1CKC4hBiiijybtjU2sPtL%2BHFzcOFEuHLkJLmQIkPsdsr6eRIhLm%2FJb1H1fxd7tXRvCLkOEMa2TdDLO4C2yIbJ6jxykVayR%2F9tQ7JrNU9Y%2BxrZx1hXIyWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/crown_b53abe4f-0fcb-42d6-9208-a6f9ad17292c.png>; rel="canonical"
cf-ray: 84422461594539f8-YYZ

GET
H2 200 submit.png
cdn.shopify.com/s/files/1/0068/2142/files/ 620 B
1 KB 56ms
51ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/submit.png?v=1652479578

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

ea8a69c92e2670bff1a195017265468009ea7e9e94d13da25ae455aeab8801b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 3395170
source-type: image/png
server-timing: imagery;dur=108.619, imageryFetch;dur=71.810, imageryProcess;dur=35.894;desc="image", cfRequestDuration;dur=26.999712
source-length: 509
content-length: 620
x-xss-protection: 1; mode=block
x-request-id: 9bab9c89-3eb4-4f27-a301-28ef5a673d89
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 04:52:04 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpqkpqqAxhApxao%2BkC%2ByG85O%2BbrrKtDlu1iuEMIMTA6BXLrx2H%2B4rtd1g7Dh3eHoiCoIzBh34a840s816nr7rSkyxTzvzXNdlO5Ad1X6Xzizcar4NtEHTnWDJt7syHIYog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/submit.png>; rel="canonical"
cf-ray: 84422461594739f8-YYZ

GET
H2 200 collab.png
cdn.shopify.com/s/files/1/0068/2142/files/ 591 B
1 KB 53ms
47ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/collab.png?v=1652481298

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

b9eb56ce091a3f4cf51cb3fe426b8e39c053f93a3a2fcc31ce45e02866a05d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 100379
source-type: image/png
server-timing: imagery;dur=85.795, imageryFetch;dur=58.227, imageryProcess;dur=26.677;desc="image", cfRequestDuration;dur=26.999950
source-length: 480
content-length: 591
x-xss-protection: 1; mode=block
x-request-id: e179e2e7-6907-4855-bbeb-93dd6f322400
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Nov 2023 10:58:46 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbWOqEgib3Wjq32nUmdTkoZ6ECGnkCD2tq%2BuFkmxV9YE6FS6SjAHz%2F49XwcacZ5rUI8z%2FI8isE8RZiBp5S2%2FbVmP3jKMnwi0xzjuR6x1Xa4Y%2FXdSCtjAIjh1l3OqovenBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/collab.png>; rel="canonical"
cf-ray: 84422461594839f8-YYZ

GET
H2 200 caution2.png
cdn.shopify.com/s/files/1/0068/2142/files/ 507 B
1007 B 57ms
52ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/caution2.png?v=1652481608

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

2856369af033ec2c16ec07a547c9bce6914031103e34c0f5bac4d567161fe9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 3395170
source-type: image/png
server-timing: imagery;dur=132.491, imageryFetch;dur=103.444, imageryProcess;dur=28.172;desc="image", cfRequestDuration;dur=29.999971
source-length: 396
content-length: 507
x-xss-protection: 1; mode=block
x-request-id: 16f5d127-3978-4e3e-a4cd-1339ef8e8798
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 07:31:56 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAVp9xkyy6vZHtrIuVUirzw%2BwzKq4Z4H3NXoNQfUJYnKyoOtcqeTuHsdq4xBOrBrsZyYRENyo79II1mKec%2FFdB3IizpsYKFpap8QMgDnoE6H7lRi7EKPPlWZL5xEbUrUSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/caution2.png>; rel="canonical"
cf-ray: 84422461594939f8-YYZ

GET
H2 200 disclaimer.png
cdn.shopify.com/s/files/1/0068/2142/files/ 464 B
1012 B 67ms
62ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/disclaimer.png?v=1652481728

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

4ba9c812b3462f5111905ce5cc32cd9b3fe98731f9a02cc47141bffd502bf309

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 100379
source-type: image/png
server-timing: imagery;dur=69.876, imageryFetch;dur=52.216, imageryProcess;dur=16.907;desc="image", cfRequestDuration;dur=16.000032
source-length: 353
content-length: 464
x-xss-protection: 1; mode=block
x-request-id: 4066056f-8665-43bd-a32a-8f90e8c39471
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 08:54:39 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tk44KLaIkyJFLTLbSjpaCmQVbP%2F0QrV%2FnCTvYrQy16M56kJEd6gnqwjtMaMN2NfJ1%2Btdk7lhUFK8MeijuvsqdyLZDtDtuWbU8HqV89iRIGottrOj56ezV7hDNSq8mTLxgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/disclaimer.png>; rel="canonical"
cf-ray: 84422461897d39f8-YYZ

GET
H2 200 stats.png
cdn.shopify.com/s/files/1/0068/2142/files/ 436 B
929 B 68ms
63ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/stats.png?v=1652482005

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

32bac461943f64ec3240b68d96d3c798b30371fae2b1c5cbdd092dc032f0a274

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 100379
source-type: image/png
server-timing: imagery;dur=109.989, imageryFetch;dur=76.249, imageryProcess;dur=32.778;desc="image", cfRequestDuration;dur=16.000032
source-length: 325
content-length: 436
x-xss-protection: 1; mode=block
x-request-id: 691a36d1-069e-4dc2-9e0f-505f3fbc99f6
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 14:30:47 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2F8r9KV%2Bq7MySeBsYGTvv3NysmFHDrf3fGJZ0Rw8pSb9vWGT93rhcf0R1PEnwQh7sMeeKty8XvdhHK6ArKzVDa4PRIZVQ1uGpJ3%2BgdHYITUxv92aeaPos1Z7%2B4gYSZNMVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/stats.png>; rel="canonical"
cf-ray: 84422461897e39f8-YYZ

GET
H3 200 logo_b_hak5_100x.png
shop.hak5.org/cdn/shop/files/ 4 KB
5 KB 116ms
112ms Image
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.hak5.org/cdn/shop/files/logo_b_hak5_100x.png?v=1613786565

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6a205a8e69f520c236023de4b5fd035a389249d81935acf5888114c9398fbca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 4133000
source-type: image/png
server-timing: imagery;dur=222.107, imageryFetch;dur=55.846, imageryProcess;dur=112.458;desc="image", cfRequestDuration;dur=19.999981
source-length: 22840
content-length: 3928
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 896118f8-4e6a-4545-99ba-b6ae93d983c5
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 07:50:04 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrawXOkgkM%2BuMu6v3oOuFpw8luwqjD2QEWej7XAbA80TcmctO8hx4nziQKxoNMo2ZRH5lwfMBb9fmdJF4esc4WURJTG2IynkqRjgjYhVWspTB%2F9kPGM7pmskkBgUBU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442246158927133-YUL
x-sorting-hat-podid: 112

GET
H2 200 app.js Show response
shop.hak5.org/cdn/shop/t/57/assets/ 268 KB
79 KB 39ms
39ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/shop/t/57/assets/app.js?v=58165092932666955681685916278

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

5206cae25b6bb93dab90f3cf445b8b46b99330480b15ebe7d7a80a94bf8ca787

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 7540
content-encoding: br
server-timing: imagery;dur=111.548, imageryFetch;dur=57.769, cfRequestDuration;dur=14.999866
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 0b637868-bfe6-4ca5-8d07-9162b1814686
last-modified: Fri, 12 Jan 2024 00:36:17 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0loirW%2FBJHJeqtJqJgIu%2BEckcF%2FLSmnl%2FOJ5nIGLOWbMaxvTAgr%2BWZqVd7IY%2FjZUkImET7I3ZIFFY4zI4LZerq0T30LmQiHYDir%2FzPKZrhMTfj8lf%2BO2dnnyavFSoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 844224601e66713f-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/57/assets/app.js>; rel="canonical"
x-sorting-hat-podid: 112

GET
H2 200 dummy.png
cdn.shopify.com/s/files/1/0068/2142/t/60/assets/ 179 B
971 B 69ms
64ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/dummy.png

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

1b8fd5686b812d14990d041f3238908e627a60c28755f751d0465a85ea91213b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 3870576
source-type: image/png
server-timing: imagery;dur=60.130, imageryFetch;dur=55.587, imageryProcess;dur=3.958;desc="image", cfRequestDuration;dur=20.000219
source-length: 68
content-length: 179
x-xss-protection: 1; mode=block
x-request-id: 78796f60-144b-4471-a874-d9c3ff843cf2
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 07:48:02 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vk4zrH2tmxaFDSqf2iSnEKPuPU6LgAM6MyBg3A8wndm5Ubg3Zl8mUx%2BPqdNW4dmddQogFkLe3cd0GbiIHoduNQuk6ui2XFPga5D5e3CyvbtES%2FcbNxETqodSHABJ0NV1Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/dummy.png>; rel="canonical"
cf-ray: 84422461898039f8-YYZ

GET
H2 200 rbtools.min.js Show response
cdn.shopify.com/s/files/1/0068/2142/t/60/assets/ 122 KB
48 KB 81ms
77ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/rbtools.min.js?6.5.6.10

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

4be83638d19a8ce4cf02d462a679714258db21e0509b0dada5eae22b2c52735d

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 9584
content-encoding: br
server-timing: imagery;dur=47.155, imageryFetch;dur=46.963, cfRequestDuration;dur=26.000023
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 62c17ba9-7468-435e-93a8-5b740d13b6e6
last-modified: Fri, 12 Jan 2024 00:09:06 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5F5%2B73DwywRQggbNcir1EtnatOuSBJdztyywQgMu4o%2FYCljdcb7NIOtweb1Ec%2BBZcidojmhxrUoDwIklexZjGSWgDlnLoAOSvlnxDMmqsDA09V6arTEzOV9m3rwtuzrQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/rbtools.min.js>; rel="canonical"
cf-ray: 84422461898239f8-YYZ

GET
H2 200 rs6.min.js Show response
cdn.shopify.com/s/files/1/0068/2142/t/60/assets/ 369 KB
97 KB 76ms
71ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/rs6.min.js?6.5.6.10

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

b7ecbe61323632d6c588f67cae30cc1ea52b8d4ad2e07072dea97bf0511d96d2

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 16455
content-encoding: br
server-timing: imagery;dur=76.290, imageryFetch;dur=76.094, cfRequestDuration;dur=25.000095
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1484539a-ceb9-4bf9-9609-e2bf4680822b
last-modified: Thu, 11 Jan 2024 22:11:41 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtL5jTHJggYCuxVgCkqu5MkkInIEpeIRqgVv0BNBMy9Vd0hS0vAomn%2B%2BJBEqQVYaVcbk80JjFDGVfJfuto4eIZVjkuRhb0bAyQ7ugqnVl0vA4FX0yKqE5DDKCLN4w2Rswg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/rs6.min.js>; rel="canonical"
cf-ray: 84422461898539f8-YYZ

GET
H/1.1 200
OK javascript Show response
preorder-now.herokuapp.com/widget/ 122 KB
26 KB 182ms
65ms Script
text/javascript 54.243.238.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://preorder-now.herokuapp.com/widget/javascript?shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.238.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-238-66.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

85e59040e34e7aa6a14fb04f5da00044d5444210ef4723f567dc9d72036c4cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:11 GMT
Access-Control-Request-Method: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies: none
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: CP="Not used"
Via: 1.1 vegur
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1705028352&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=wGEDzO0zemucj0k7fCF46487yJa61kODhiUe4RbRHq4%3D
X-Request-Id: 9448d01f-9670-47da-9965-90006e58df5d
X-Runtime: 0.010680
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
Etag: W/"85e59040e34e7aa6a14fb04f5da00044"
X-Download-Options: noopen
Vary: Accept-Encoding, Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705028352&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=wGEDzO0zemucj0k7fCF46487yJa61kODhiUe4RbRHq4%3D"}]}
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 503 KB
202 KB 117ms
36ms Script
text/javascript 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 22:18:18 GMT

GET
H3 200 bc3e06decw4db1e3a6p9888f859mdcd2346em.js Show response
shop.hak5.org/cdn/wpm/ 82 KB
30 KB 115ms
112ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

05f599513ba283daa5b5f6a4eaf2434bd2f11b33d335fddab0348483aa6ef71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 27131
content-encoding: br
server-timing: imagery;dur=34.891, imageryFetch;dur=34.645, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7b925d1e-cb9d-422f-a09a-55e996457ba5
last-modified: Thu, 11 Jan 2024 19:27:01 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdHiuzsdRxDplPU%2Bfad3nwV9CY8CZfDp05VTaVLsXy8u2cSDqcTAeGmIEnEgEeHxJ73umhfetDB440NsrEAoxWJhV8t5DvHo3dpmM6iAlUWR%2BfmxFW6STkU3GYjCM7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8442246158937133-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 trekkie.storefront.f2da2901761ed691d459433ada0e4d90e085713c.min.js Show response
shop.hak5.org/cdn/s/ 116 KB
27 KB 118ms
115ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/s/trekkie.storefront.f2da2901761ed691d459433ada0e4d90e085713c.min.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a0cc3360f9c8d2084b936b7f8c6bb5612224363ec8a29f5b8519581eef66992c

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 14347
content-encoding: br
server-timing: imagery;dur=42.351, imageryFetch;dur=42.132, cfRequestDuration;dur=11.999846
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ccca7444-015f-4359-a109-3e2abe0b0f13
last-modified: Thu, 11 Jan 2024 23:00:04 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLTFzrshmfAYScJAyf1kUlZ1mp%2BWh5NrGvrCSExS5tTAzWH4qgvTgFIISsoG63HjRrgwje02guc3yPWktGGG2QNjEIqdymd7O16o7leUB9lgIlyo2ImMkOpN1%2BOjabw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
cf-ray: 8442246158947133-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.f2da2901761ed691d459433ada0e4d90e085713c.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js Show response
shop.hak5.org/cdn/shopifycloud/shopify/assets/ 8 KB
4 KB 138ms
135ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 9112
content-encoding: br
server-timing: imagery;dur=48.877, imageryFetch;dur=47.729, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 33f025d5-baf9-402b-9633-310a73485be0
last-modified: Fri, 12 Jan 2024 00:27:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaLBZOwZKfON57MLS2esK%2Fs0VGYjTd4m9N%2BlF7kKSiBDyb%2Fe2KV4CmhVIJxKx%2B5FLq42jAmKgGriLFlxoZ5PT7r1BB8kUWZFLcmi8jdi525BmCig4qgyVU8QSLKMw8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 8442246158957133-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 shopify-boomerang-1.0.0.min.js Show response
shop.hak5.org/cdn/shopifycloud/boomerang/ 58 KB
19 KB 46ms
45ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 21314
content-encoding: br
server-timing: imagery;dur=22.033, imageryFetch;dur=21.781, cfRequestDuration;dur=16.999960
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8f571782-b99e-4384-9fd9-6b888efeacb7
last-modified: Thu, 11 Jan 2024 21:03:58 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMxVNEY0Jj3UMPonBGX7Vnb11yVRwWaJXlwRZIQQ8wS8dVrgDelmpoqX0ziGQxUpJsESfLCjmcTooGoe4GIdd883oaiinJp2SjsDh5YaMwGvSC%2BX3CfElA8T9OyGlg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
cf-ray: 8442246148747133-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 turbo.woff
shop.hak5.org/cdn/shop/t/57/assets/ 3 KB
4 KB 116ms
115ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/shop/t/57/assets/turbo.woff?v=1876293967402835401635364882

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/shop/t/57/assets/styles.scss.css?v=39121934190423622991700362668

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4e98d3738caaaec5edbc05e8a6eea36d3c8fc11919dfae035a1356495defd55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/cdn/shop/t/57/assets/styles.scss.css?v=39121934190423622991700362668
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 4294546
server-timing: imagery;dur=96.855, imageryFetch;dur=80.275, imageryProcess;dur=16.217;desc="font", cfRequestDuration;dur=16.000032
alt-svc: h3=":443"; ma=86400
content-length: 3172
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 3b9c261c-9dd8-41de-bd26-08f555237f40
last-modified: Thu, 02 Nov 2023 04:14:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i6RF1vygyiN%2FojAFaGvzvzERtQXjWU01OaHOq2n%2FFdp5wdG5qDmsJn%2BrumeCy7GknXH46OiNU%2F9FcyXV86E4Mtq2dUtLtXVTfJTfqzIlXd8dZydo0bYg7rdOmTfUYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8442246178b67133-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/57/assets/turbo.woff>; rel="canonical"
x-sorting-hat-podid: 112

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 135ms
55ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:02:35 GMT
x-content-type-options: nosniff
age: 150997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28512
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 09:02:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 118ms
39ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:07:47 GMT
x-content-type-options: nosniff
age: 150685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 09:07:47 GMT

GET
H3 200 consent-tracking-api.js Show response
shop.hak5.org/cdn/shopifycloud/consent-tracking-api/v0.1/ 15 KB
6 KB 62ms
61ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ef5695392329615991aef82ee880b52c17e6dd36d875c34000975d796a602815

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 1388
content-encoding: br
server-timing: imagery;dur=219.041, imageryFetch;dur=23.890, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ba6ff851-50d3-4d41-9180-8b0ed3e30d15
last-modified: Fri, 12 Jan 2024 02:36:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEkUVRHcmvtt491l%2FhWEjwbopzxvXyzN1rhE2FdwTYQOfEnu2If0JqUGJk9DwjmMWeBrTEtY2t%2Bnku0L4II%2F7Hzbwe%2BXj%2BkBsQBfL59DQuivILpwHzhmsLOFEBytAVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 84422461d94d7133-YUL
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 session Show response
shop.app/pay/ 18 B
2 KB 166ms
104ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1&token=c7ab150c-8859-4940-b41c-5555ab5a9c44&shop_id=682142

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://.hcaptcha.com; frame-ancestors admin.shopify.com https: .myshopify.com admin.shopify.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=80.000162
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shop.hak5.org
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-frame-options: DENY
x-robots-tag: noindex
date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
p3p: CP="Not used"
alt-svc: h3=":443"; ma=86400
content-length: 18
x-xss-protection: 1; mode=block
x-request-id: e71b1d63-9989-4f30-bef4-2c0a245577c3
x-runtime: 0.003687
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEh5RVwJk0uMPhgyQox%2BtexWZPOdOB3ZZSA0essbP61UdOjLAGbCYDNOYNdywX%2B2Sjc%2BAbc4XQksbzbFCW8l7cXyrK5gkBLssJwjJyVFRdYA%2FXFo6YgkeERL"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 844224626bd74bcb-YUL
x-sorting-hat-podid: -1

GET
H2 200 index.js Show response
cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/ 3 KB
2 KB 34ms
32ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/index.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

ffdc0aba3fb445782fd37aa1367cd4de104b9f735c4ecdc6d624c8064cc49b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 17966
content-encoding: br
server-timing: imagery;dur=56.315, imageryFetch;dur=20.494, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 702763e7-33be-4318-9bb8-f191a75156ae
last-modified: Thu, 11 Jan 2024 21:45:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGvO1ua0hxcXnz9xaUgLjYtuFySVsMylma2uL5ihykkM3r7UGc3EnlqsJs5f%2BnGJBlill92e9%2FT77vrOmFgXzRk8Zorq23Z1Y0P0BppmzK3xcRBIpY0ulBKQxDvKHX%2FgWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/index.js>; rel="canonical"
cf-ray: 844224621a8839f8-YYZ

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 36ms
36ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:07:54 GMT
x-content-type-options: nosniff
age: 150678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 09:07:54 GMT

GET
H3 200 everything-password-stealer Show response
shop.hak5.org/wpm@c3e06decw4db1e3a6p9888f859mdcd2346e/web-pixel-shopify-custom-pixel@0570/sandbox/modern/blogs/payloads/ Frame 6130 40 KB
17 KB 167ms
167ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/wpm@c3e06decw4db1e3a6p9888f859mdcd2346e/web-pixel-shopify-custom-pixel@0570/sandbox/modern/blogs/payloads/everything-password-stealer

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

c8c0144f6e39306664e3aea1dd0b3d408509a3a5f325e8da39d2562939e0b355

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: MISS
cf-ray: 844224627a547133-YUL
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Fri, 12 Jan 2024 02:59:12 GMT
etag: W/"cacheable:1a251439584e76faf9050486a8deb345"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CurTXyEDJvhSt3eivB7Ww71zMwj0W9H2GOcnlXGeKv88DNz%2FBBnLuruJ%2Ff7IfXy2VhjIyPpWrerybJJUI2HmhqzoI3Vd%2FOSpPDczXfZjWPlCu3YbURsTmGemRI%2FEILQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=19, db;dur=7, asn;desc="212238", edge;desc="YUL", country;desc="CA", theme;desc="120632574065", servedBy;desc="958t", requestID;desc="2c58d40b-90e7-4e5c-b10a-93c5fa6dc3ad" cfRequestDuration;dur=141.000032, earlyhints
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 2c58d40b-90e7-4e5c-b10a-93c5fa6dc3ad
x-robots-tag: noindex, nofollow
x-shardid: 112
x-shopid: 682142
x-shopify-stage: production
x-sorting-hat-podid: 112
x-sorting-hat-shopid: 682142
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H3 200 worker.modern.js
shop.hak5.org/wpm@c3e06decw4db1e3a6p9888f859mdcd2346e/web-pixel-shopify-app-pixel@0570/sandbox/ 40 KB
17 KB 38ms
38ms Other
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/wpm@c3e06decw4db1e3a6p9888f859mdcd2346e/web-pixel-shopify-app-pixel@0570/sandbox/worker.modern.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

05b161010e8fd7058b49cfc5e927ce4251a7fcad922ecf69944b634635a46b98

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding: br
x-permitted-cross-domain-policies: none
age: 209756
server-timing: processing;dur=17, db;dur=7, asn;desc="394430", edge;desc="YUL", country;desc="CA", servedBy;desc="5wtp", requestID;desc="696d9ffb-90c9-452c-a36f-adbd600fee39", cfRequestDuration;dur=12.000084
x-sorting-hat-shopid: 682142
x-shardid: 112
x-storefront-renderer-rendered: 1
etag: W/"cacheable:da096054d542424879b6d2dc6d0c4b93"
x-shopid: 682142
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: text/javascript; charset=utf-8
content-language: en
cache-control: max-age=31536000, public
x-robots-tag: noindex, nofollow
date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
x-cache: miss
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 696d9ffb-90c9-452c-a36f-adbd600fee39
x-shopify-stage: production
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1I%2Bt%2BKYxNVD%2FZqtUdZjkXd%2BroquulQjc%2BV%2BO8QVJMViiUgDhhTFRX8Fu52wxi3tg68hPwh2utrcGFjvi%2BH0afqobxFqZ%2BjxmkJgARvUY5wiF36WohjUJ%2B6R4INnXAY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 844224632b7c7133-YUL
x-sorting-hat-podid: 112

POST
H3 200 produce_batch
shop.hak5.org/.well-known/shopify/monorail/unstable/ 0
731 B 94ms
93ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shop.hak5.org/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/s/trekkie.storefront.f2da2901761ed691d459433ada0e4d90e085713c.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=68.000078
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: cd8b05ce-18b2-4206-946f-13bab52425b3
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8DQS%2Bl9Vx1hcvpIOlCpA%2BNOFBflCMZd5%2BN%2BRwb7MYHwIhJWV9tTeeVPSV1%2FdhEcDUln7nEXdCGCk0IBTsaKlAeWsYN5sW%2FcFhPXeDSvEAUWoPPwceIaycyU4jIMUOc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://shop.hak5.org
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 844224633ba87133-YUL

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 45ms
44ms XHR
text/plain 142.250.31.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1176019227&t=pageview&_s=1&dl=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer&ul=en-us&de=UTF-8&dt=Everything%20Password%20Stealer%20-%20Hak5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=611936702&gjid=1814263580&cid=2059743091.1705028353&tid=UA-81435-10&_gid=829183659.1705028353&_r=1&_slc=1&z=1909196827

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.138 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 02:59:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shop.hak5.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 transparent.png
cdn.shopify.com/s/files/1/0068/2142/t/60/assets/ 233 B
1 KB 36ms
35ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/transparent.png

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

91d595b324f60e3ab4a03540f3459b043568bc15329809694d2cc7d0aaaa270a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 3681307
source-type: image/png
server-timing: imagery;dur=131.990, imageryFetch;dur=64.936, imageryProcess;dur=65.581;desc="image", cfRequestDuration;dur=15.999794
source-length: 122
content-length: 233
x-xss-protection: 1; mode=block
x-request-id: d725d0d7-a626-4d71-9485-c1f5b8e8600f
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 11:06:10 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6QYERoB7CHYYMWlHOPGyvD3NpEHnQgAWTDvHFybvSQ%2F05NHvMc0fo%2FvEjPFtOgdN%2FH8KpqgS4ZsZqqJAReWD8gUc0%2BhfA0%2Fu%2Fe%2B8vLX0tDvddktA6%2FUn4NlTS1hfhEP3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/60/assets/transparent.png>; rel="canonical"
cf-ray: 844224635e6739e9-YYZ

GET
H3 200 fm_bunny1.jpg
cdn.shopify.com/s/files/1/0068/2142/t/59/assets/ 29 KB
30 KB 37ms
36ms Image
image/jpeg 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/59/assets/fm_bunny1.jpg

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

a79d839fe23ee07176a02010decc3ea2933dddab3f557178073b261ff73cad75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 3696646
source-type: image/jpeg
server-timing: imagery;dur=115.553, imageryFetch;dur=73.928, imageryProcess;dur=40.686;desc="image", cfRequestDuration;dur=16.000032
source-length: 30478
content-length: 29645
x-xss-protection: 1; mode=block
x-request-id: 8577a89a-0a46-49c1-80cb-58dcd8c447aa
alt-svc: h3=":443"; ma=86400
cf-bgj: h2pri
last-modified: Fri, 24 Nov 2023 13:11:58 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHrzYhagG1ZlbNS1RWS%2FJoDEDouW11ZOOc9O%2B9QrJ6yKL%2F5ox88eorXHSppXjc1xWf97mBGpqk6Fj98mfyNeMAn9scd3yyOHvFdAJmf2A5ucB8uNzjnc6Q6YrrIp93sGkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/59/assets/fm_bunny1.jpg>; rel="canonical"
cf-ray: 844224635e6939e9-YYZ

GET
H3 200 dish2-min.png
cdn.shopify.com/s/files/1/0068/2142/t/59/assets/ 53 KB
54 KB 54ms
53ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/59/assets/dish2-min.png

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

7ffa2062443a660004883826c3e2f79fa3a949996ebbdb3619b3683506249429

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 6100419
source-type: image/png
server-timing: imagery;dur=151.154, imageryFetch;dur=30.397, imageryProcess;dur=104.087;desc="image", cfRequestDuration;dur=15.000105
source-length: 76292
content-length: 54628
x-xss-protection: 1; mode=block
x-request-id: 84908915-4916-4695-bb62-cfe24b879d6f
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 11:43:11 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhDNpptMnnv2Av34E4FxqoxQf1PHVGzMABME%2BMGsC3xDA6p0V8uT5fPR4wUUuPi7GO6sbxDZeoLcA4JBsIdg1cf8uf86oh9rQKbitbo8ijhJew7yWOCSoUNlsVLIl3yOQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/59/assets/dish2-min.png>; rel="canonical"
cf-ray: 844224635e6a39e9-YYZ

GET
H3 200 dish6-min.png
cdn.shopify.com/s/files/1/0068/2142/t/59/assets/ 64 KB
65 KB 88ms
88ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/59/assets/dish6-min.png

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

306c5b300f5d6e8178598ff461c179a57ca46e0738e9ebff5197c80e0025a92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 3612436
source-type: image/png
server-timing: imagery;dur=151.709, imageryFetch;dur=59.789, imageryProcess;dur=90.667;desc="image", cfRequestDuration;dur=15.000105
source-length: 95223
content-length: 65312
x-xss-protection: 1; mode=block
x-request-id: 9329f1c8-c0a3-4888-9caa-235a28b4d82f
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 07:24:38 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3u7qMe1%2Fo3xyi5tfgqFYjnj7ry8XAQ4TgGRTw92jmYmtcz0w%2FIhCCbOhUaH2jczLiE0NHCL96dCGTraD9x8A98RxGAQcQoeedHZzlxP1dIPwQMPfWDXDlGGbt4ciE0cgKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/59/assets/dish6-min.png>; rel="canonical"
cf-ray: 844224635e6e39e9-YYZ

GET
H3 200 dish3-min.png
cdn.shopify.com/s/files/1/0068/2142/t/59/assets/ 72 KB
73 KB 104ms
104ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/59/assets/dish3-min.png

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

aca1710e3cb0a30c4fda4b9d7e9cf113ee1d9ff00924c2fbfa0dd4c8560a33dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 3765167
source-type: image/png
server-timing: imagery;dur=151.154, imageryFetch;dur=37.936, imageryProcess;dur=112.298;desc="image", cfRequestDuration;dur=21.999836
source-length: 101031
content-length: 73846
x-xss-protection: 1; mode=block
x-request-id: 6c718d8b-7007-433f-a75a-90eb331dc5d4
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 08:37:40 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoeqqU9t3fhq%2BAbQ79kk9qvK6sseWsTxIhCewUZWTYWHmpzP%2Fxn2ZGDS8fKKYBdH5BsWxjzhBTetzJH1OGGiEQEnHBwGz6gYxs9UAz7LLGBZMjuf%2B%2F%2BPgzoG%2F%2FV5jkcuhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/59/assets/dish3-min.png>; rel="canonical"
cf-ray: 844224635e7439e9-YYZ

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 109ms
35ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/s/trekkie.storefront.f2da2901761ed691d459433ada0e4d90e085713c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jan 2024 02:59:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: M2noj1FWSlhZp+0xk9QMD53AqWwvOBlSSvSht6H8/98UDNxuBz6avplxuDmr6ibh75CVhkODUCxk2/b3JiBByA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 124ms
49ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-630457502

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/s/trekkie.storefront.f2da2901761ed691d459433ada0e4d90e085713c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d42b89df784e016a1e0dd30dc66cbe04779f3653c0c368d63b9d319cf3c3a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72795
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jan 2024 02:59:12 GMT

GET
H3 200 chunk-WSM5TMEH.js Show response
cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/ 34 KB
14 KB 41ms
41ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/chunk-WSM5TMEH.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

49b9466e0143c72b2d05f694c218ef05f180a6917ac29a9629c43db4cd64cb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/index.js
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 19130
content-encoding: br
server-timing: imagery;dur=27.659, imageryFetch;dur=25.124, cfRequestDuration;dur=20.000219
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e66969a4-bf19-487e-bea7-3505d3e2a390
last-modified: Thu, 11 Jan 2024 21:36:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vvhc4aLJnNu2QC7dUwxgxNu2LFEAVm6dAdn0MzSJFETXzkqSWqh%2FdTGkviM5B%2FBhfdEbrAFs9AkXLI5kNH%2BYDxd57ahxdnkTx5TfVb8OWd%2FiVcYjpXVUw0nGoO6n921dZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/extensions/109e66ff-7302-4a9f-a7b2-d08bd1d84b8d/forms-312/assets/chunk-WSM5TMEH.js>; rel="canonical"
cf-ray: 84422463984936c8-YYZ

POST
H3 200 produce_batch
shop.hak5.org/.well-known/shopify/monorail/unstable/ 0
734 B 73ms
72ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shop.hak5.org/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/s/trekkie.storefront.f2da2901761ed691d459433ada0e4d90e085713c.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=46.999931
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: e413287a-7c58-456e-8bfc-b67fcd75ac0d
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qC1VN8q9ZTm7GDToISO9ywGMrzZDlYjITESlyywln%2By5l7cCtOlDW1tVl%2B3rXP0scgMLoaIgpbGONPQYbrcYhO%2BGCIhRBaRkOu%2BM2wq%2B1He%2Bwg9RmwChL6k8%2F%2B%2BPBPE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://shop.hak5.org
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 84422463bc787133-YUL

POST
H3 200 produce_batch
shop.hak5.org/.well-known/shopify/monorail/unstable/ 0
724 B 80ms
80ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shop.hak5.org/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/s/trekkie.storefront.f2da2901761ed691d459433ada0e4d90e085713c.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=55.000067
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: 89b11518-a9d4-4345-88a1-47bd2bb68da3
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDNsh3n%2Fd1iPty7%2Bhf2aE5Yw3SKGB2N9QVSxCugjpBa0dkJSWib0pcTK3iWCpmq6sZlThXVJr5cDq7MH3Q2Nl9mFusI%2B4iTFFEv9ol7A%2Fn3pFmsLhBlWizLTqFDflf4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://shop.hak5.org
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 84422463bc807133-YUL

POST
H3 200 produce_batch
shop.hak5.org/.well-known/shopify/monorail/unstable/ 0
723 B 73ms
73ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shop.hak5.org/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/s/trekkie.storefront.f2da2901761ed691d459433ada0e4d90e085713c.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=46.999931
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: 60a518ac-4525-4a0b-bb04-57b6a7704315
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZBaNz85yn05hvgF5aeRcHh8i7EdHYYIjiaRQdmlX7XKWX%2B4yN0GyC0X%2BQpSRHsv45AdcmIVnLTyHHNjKLh7qnZP5Nrseybby9aVGIbbCcrwFmDMZaLXP46PT7k2bCc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://shop.hak5.org
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 84422463bc817133-YUL

GET
H3 200 dish5-min.png
cdn.shopify.com/s/files/1/0068/2142/t/59/assets/ 72 KB
73 KB 33ms
33ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/59/assets/dish5-min.png

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

c72c10aa2e734d61df9ea2c6964b2079b682aaa336535edd433be3c31f697fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 3862091
source-type: image/png
server-timing: imagery;dur=157.239, imageryFetch;dur=63.487, imageryProcess;dur=93.091;desc="image", cfRequestDuration;dur=13.000011
source-length: 87826
content-length: 73416
x-xss-protection: 1; mode=block
x-request-id: 6618f424-134d-4fa9-9b17-6d47d9cb23ca
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 24 Nov 2023 07:46:36 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xcul0LzBbMkz61lAbxzcCh850coHqEb7fur3Nhtdmv4qFqV5DbJv%2Fv%2Bc97QNNpiPdZr995SbFcp2wBJqUdMq6FijTrZ9S9DqHqJ3m6p59BRaJ9LnkQ6qVfNTnfX6J4QQUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/59/assets/dish5-min.png>; rel="canonical"
cf-ray: 84422463df2e39e9-YYZ

GET
H2 200 form_instances Show response
forms.shopifyapps.com/api/v2/ 28 KB
7 KB 176ms
175ms Fetch
application/json 185.146.173.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.shopifyapps.com/api/v2/form_instances?shopify_domain=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae494b7e7408640a9a96d20b5d3f7910b7459b075663e846884717e3697a2fc2

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; style-src https: 'self' 'unsafe-inline' cdn.shopifycloud.com; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' cdn.shopifycloud.com; connect-src 'self' https:; img-src 'self' https: data: cdn.shopifycloud.com blob:; upgrade-insecure-requests; frame-ancestors hakshop.myshopify.com https: *.myshopify.com admin.shopify.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
content-security-policy: default-src https: 'self'; style-src https: 'self' 'unsafe-inline' cdn.shopifycloud.com; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' cdn.shopifycloud.com; connect-src 'self' https:; img-src 'self' https: data: cdn.shopifycloud.com blob:; upgrade-insecure-requests; frame-ancestors hakshop.myshopify.com https: *.myshopify.com admin.shopify.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: BYPASS
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-countrycode: CA
server-timing: processing;dur=70, socket_queue;dur=6.726, cfRequestDuration;dur=156.999826
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-request-id: 022ea18b-c492-4e77-9904-d8fa98b2c4d6
x-runtime: 0.068862
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ae494b7e7408640a9a96d20b5d3f7910"
x-download-options: noopen
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4DDf5Z%2BaKlsNAX0gNsE94g1QirEwbCTta0IpCjmJL7SGQwE2jswxMNbve2UN2pU%2Bf7Fi1vyXAJaDkFKrovTDs1aoQ40lqob9f4kiQ4g4TKjQ%2Bo3ToFm41v%2B%2BHZv0ZwSA3MmtCRmCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept, Origin
cache-control: max-age=0, private, must-revalidate
access-control-expose-headers: X-CountryCode
cf-ray: 844224651d47a20e-YYZ

OPTIONS
H2 200 form_instances
forms.shopifyapps.com/api/v2/ Frame 0
0 149ms
100ms Preflight 185.146.173.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.shopifyapps.com/api/v2/form_instances?shopify_domain=hakshop.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://shop.hak5.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844224647c10a20e-YYZ
content-length: 0
date: Fri, 12 Jan 2024 02:59:12 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjNu7HVwarUpH7JNbkRKlQFNlaCYUn3KUgBTRXdenFhff7xcppytw%2FmQYPKTs2yjiohLZzVCA39DdTT%2FJ7aYBwI8baO4%2BVKstVsLcvEynv2YfH5OGBESO7I1Q6eqJqasJuRfJnYFSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=0, socket_queue;dur=1.172 cfRequestDuration;dur=82.999945
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-dc: gcp-us-central1,gcp-us-east1
x-request-id: d87e7bea-ea2e-4836-bf8c-1abace3ef7c3

GET
H2 200 384728088611591 Show response
connect.facebook.net/signals/config/ 130 KB
34 KB 90ms
90ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/384728088611591?v=2.9.140&r=stable&domain=shop.hak5.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

c6a12e9414c4cc585afff0217ef83507945ee97e3f0fa82c721b677220e7cecd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jan 2024 02:59:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: LZ6tC0UWULLhvrzIuiFy9lPlt8zcK8ahBdO8KqZCIGdTXTtAAlx9NQsBe/b0ZHF2m+hNgMuPQSXNuHTMPDY1sg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 37ms
36ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Manjari:400,700|Nunito:300,400,600,700,800|Roboto:300,400,500,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:46:08 GMT
x-content-type-options: nosniff
age: 151984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 08:46:08 GMT

POST
H3 200 produce_batch
shop.hak5.org/.well-known/shopify/monorail/unstable/ 0
728 B 75ms
75ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shop.hak5.org/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=50.000191
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: cc619c6e-9f28-493e-a74e-768fae47e35b
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsvsbn18eX8JrTP%2BC46%2B4rsBTvx1dVPAQSp7AEdb76ZX%2Fcj2%2Bb7iB%2BxrBih9ZzhdDBzX3AGJSWbYkPBQdHtGzwWM99fhC0mMdghrZofvTnYm5iBUws%2F1NuGSGEPjaPs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://shop.hak5.org
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 84422465efd57133-YUL

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 205 KB
75 KB 53ms
52ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=MC-Q91E4THL33&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-630457502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

a3508401efd4064845247dee5743249ceeeebfff8d5a432421e125a098d6a6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76320
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jan 2024 02:59:12 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/630457502/ 3 KB
2 KB 129ms
55ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/630457502/?random=1705028352954&cv=11&fst=1705028352954&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer&label=RpYMCOHM9JkYEJ6J0KwC&tiba=Everything%20Password%20Stealer%20-%20Hak5&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1468863781.1705028353&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fblogs%2Fpayloads%2Feverything-password-stealer&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-630457502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

7050e9acf5db39db2e319314bb3faa8bf01390ad10711c26322d6ca14cb00cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1606
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 103ms
34ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=384728088611591&ev=PageView&dl=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer&rl=&if=false&ts=1705028352966&sw=1600&sh=1200&v=2.9.140&r=stable&a=shopify&ec=0&o=4126&fbp=fb.1.1705028352965.190231387&ler=empty&it=1705028352725&coo=false&eid=sh-fb9bfc13-8CE8-413C-77D0-0D3FCCB6BA6B&rqm=GET

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 Jan 2024 02:59:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
www.merchant-center-analytics.goog/mc/ 0
244 B 117ms
43ms Ping
text/plain 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.merchant-center-analytics.goog/mc/collect?v=2&tid=MC-Q91E4THL33&gtm=45ve41a0v9121418533&_p=1705028352561&gcd=11l1l1l1l1&dma=0&cid=2059743091.1705028353&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fblogs%2Fpayloads%2Feverything-password-stealer&dt=Everything%20Password%20Stealer%20-%20Hak5&dl=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer&sid=1705028353&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1368
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=MC-Q91E4THL33&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.163.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 02:59:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shop.hak5.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.ca/pagead/1p-conversion/630457502/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/630457502/?random=223114727&cv=11&fst=1705028352954&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&ur...
https://www.google.com/pagead/1p-conversion/630457502/?random=223114727&cv=11&fst=1705028352954&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fshop....
https://www.google.ca/pagead/1p-conversion/630457502/?random=223114727&cv=11&fst=1705028352954&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fshop.h...

42 B
455 B

126ms
49ms

Image
image/gif

142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/630457502/?random=223114727&cv=11&fst=1705028352954&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer&label=RpYMCOHM9JkYEJ6J0KwC&tiba=Everything%20Password%20Stealer%20-%20Hak5&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1468863781.1705028353&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fblogs%2Fpayloads%2Feverything-password-stealer&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ01ELXJBWVE4TVNTM095cjFKQVhFaVlBTU1ueHB3UUpOSTJDWHFTcURDSGdvd0t2Y0hVSWJ1eDU0NGVrT2lYa3NhVTltTXNSd3caWENoQUlnTUQtckFZUWpyYUdxSUxCb0pJakVpNEFrMXBtQ2c1UmxnUll5OEVYNzllX0dydGJ4U25hTDBpbkxPZXc1YUg3SFFYYjdDUEdyemFKUVFVQWhpd0EiEwjTo8PK7daDAxW6jVoFHZPHAiM&is_vtc=1&ocp_id=AaugZZOfA7qb6toPk4-LmAI&cid=CAQSGwAvHhf_aNNdQlGpbfo_99Guzdb55D44MGPvsQ&random=3282367815&ipr=y

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/630457502/?random=223114727&cv=11&fst=1705028352954&bg=ffffff&guid=ON&async=1&gtm=45be41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer&label=RpYMCOHM9JkYEJ6J0KwC&tiba=Everything%20Password%20Stealer%20-%20Hak5&hn=www.googleadservices.com&frm=0&gtm_ee=1&auid=1468863781.1705028353&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fblogs%2Fpayloads%2Feverything-password-stealer&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ01ELXJBWVE4TVNTM095cjFKQVhFaVlBTU1ueHB3UUpOSTJDWHFTcURDSGdvd0t2Y0hVSWJ1eDU0NGVrT2lYa3NhVTltTXNSd3caWENoQUlnTUQtckFZUWpyYUdxSUxCb0pJakVpNEFrMXBtQ2c1UmxnUll5OEVYNzllX0dydGJ4U25hTDBpbkxPZXc1YUg3SFFYYjdDUEdyemFKUVFVQWhpd0EiEwjTo8PK7daDAxW6jVoFHZPHAiM&is_vtc=1&ocp_id=AaugZZOfA7qb6toPk4-LmAI&cid=CAQSGwAvHhf_aNNdQlGpbfo_99Guzdb55D44MGPvsQ&random=3282367815&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@3.3.7/dist/js/ 36 KB
11 KB 54ms
17ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.3.7/dist/js/bootstrap.min.js

Requested by

Host: spa.spicegems.com
URL: https://spa.spicegems.com/js/src/latest/hakshop.myshopify.com/scriptTag.js?shop=hakshop.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 Jan 2024 02:59:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6573667
x-jsd-version: 3.3.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10608
x-served-by: cache-fra-etou8220021-FRA, cache-yyz4530-YYZ
x-jsd-version-type: version
etag: W/"90b5-QwpEPXSDD+m+Ju/KQx9EjBs3QPk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 zendesk-embeddable.js Show response
cdn.shopify.com/s/files/1/0068/2142/t/29/assets/ 816 B
1 KB 37ms
36ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/29/assets/zendesk-embeddable.js?3890532028372151315&shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

0d89fa55d6697fdc456f94357470800c8bca97fe48aab78ee67ac84f8d2ea8ce

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 9294
content-encoding: br
server-timing: imagery;dur=71.045, imageryFetch;dur=69.545, cfRequestDuration;dur=18.000126
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f6b88321-9ca4-430e-b5e1-e91598032504
last-modified: Fri, 12 Jan 2024 00:13:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qle26rojvaGQTQduJPSyEoF6jlnc9d9VusvgajKk9XaZE5G9Uf2VyqvDlYISS9MDhCNK8pHhuKyMUP1zrFElkPisTzNOHxCyV60WVtj%2BUWyd2bDhzWjbRSQUdKHOhzN5kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/29/assets/zendesk-embeddable.js>; rel="canonical"
cf-ray: 84422468c80239e9-YYZ

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 125ms
49ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js?shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Oct 2023 15:11:46 GMT
server: nginx
etag: W/"652569b2-b614"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Jan 2024 02:59:13 GMT

GET
H2 200 platform.js Show response
shy.elfsight.com/p/ 10 KB
4 KB 129ms
81ms Script
application/javascript 104.22.68.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shy.elfsight.com/p/platform.js?v=1.5.7&shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7d87832231c0254188f01e9288d261c56e6050e723ed8aebe1d9b4f58cb26a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 13:26:45 GMT
server: cloudflare
strict-transport-security: max-age=0
age: 1211
etag: W/"63987d95-2711"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 844224691f64a1db-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK easyquote.js Show response
app.easyquote.pw/ 11 KB
11 KB 526ms
139ms Script
application/javascript 95.216.147.64
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.easyquote.pw/easyquote.js?url=https://app.easyquote.pw&shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.147.64 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.64.147.216.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 89a7ce51a53cc9b3e867ed81384ab87efc3f506e3796f7453d8426a2338df862

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:13 GMT
Last-Modified: Mon, 01 Jan 2024 02:32:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "65922454-2bf7"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11255

GET
H3 200 postscript-sdk.js Show response
cdn.shopify.com/s/files/1/0068/2142/t/44/assets/ 3 KB
2 KB 42ms
37ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/t/44/assets/postscript-sdk.js?v=1592432296&shopId=7832&shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

80eb9b628ad554a45cdbcadda2462afbe5bc76c4615de58d2d5150fbd83c0627

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 13484
content-encoding: br
server-timing: imagery;dur=59.998, imageryFetch;dur=57.942, cfRequestDuration;dur=18.999815
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8297c129-ec42-404d-804e-079f22bd21c4
last-modified: Thu, 11 Jan 2024 22:56:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khXUhhAnxhz%2Bvm3GQhSVtRNTWlAB9lLQWLl6Dubdd8OeGToYzyX1gCozR8HyT5f%2B0fZ4k%2FPlkih6DQsAIblauSwzpzoCH5Ir6fo%2BpcbSesIe8jtlQGQpCzokDLeoA7hVCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/t/44/assets/postscript-sdk.js>; rel="canonical"
cf-ray: 84422468d80e39e9-YYZ

GET
H/1.1 200
OK init Show response
social-login.oxiapps.com/api/ 383 B
712 B 217ms
54ms Script
text/javascript 104.197.53.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://social-login.oxiapps.com/api/init?vt=928351&shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.197.53.66 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.53.197.104.bc.googleusercontent.com

Software

nginx/1.12.1 / PHP/5.5.9-1ubuntu4.24

Resource Hash

f392191c7cd93ef056e67a3b9255ec5a854f41b4caa87ec1b9161e6d1aa3fadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: public
Date: Fri, 12 Jan 2024 02:59:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-modified: Fri, 12 Jan 2024 01:01:28 GMT
Server: nginx/1.12.1
X-Powered-By: PHP/5.5.9-1ubuntu4.24
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: max-age=135, public
Connection: keep-alive
Expires: Fri, 12 Jan 2024 03:01:28 GMT

GET
H2 200 re-order.js Show response
reorder-master.hulkapps.com/reorderjs/ 59 KB
11 KB 33ms
28ms Script
application/javascript 104.26.4.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://reorder-master.hulkapps.com/reorderjs/re-order.js?1668989323&shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

093ac2fbf305628d9f4fc147888a027a4152c6ebd2db652b9b84c25ae0eafa19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1210
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 09 Nov 2023 06:18:40 GMT
server: cloudflare
etag: W/"654c79c0-ecd9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xlcyn6y5P%2BaYaJmVqD9E70W91PJIak3MLeAJOTwTJNWkRRfzcfi%2B4AyT5vDAjKbGtfibn1DauKZHbSYnvDbZhiEP6oGh%2BON2%2F711MYNDDNMgo%2Fwu%2B6I8wkbyhetDKzi7BBoihYZxiamEfpyqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84422468df41a24c-YYZ

GET
H2 200 eventpromotionbar.js Show response
cdn.hextom.com/js/ 107 KB
23 KB 151ms
62ms Script
application/javascript 13.33.165.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hextom.com/js/eventpromotionbar.js?shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.165.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-165-53.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18b677c0268f0de166ef3b002ba810aacc46fe0d818db3b0e41bf2a00654c36f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:03:07 GMT
content-encoding: gzip
via: 1.1 e93a60ebfa6b75999bc2059ce06c6526.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 19:30:47 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-C3
age: 28567
etag: "7f443d454b3e6395b20d7992408d042e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 23129
x-amz-cf-id: Asi4nAFsCy3nliDFtvxlEqRgu2Egkv_A0aZMR-EZOdKfm3xV5FfQdQ==

GET
H2 200 freeshippingbar.js Show response
cdn.hextom.com/js/ 63 KB
17 KB 144ms
55ms Script
application/javascript 13.33.165.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hextom.com/js/freeshippingbar.js?shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.165.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-165-53.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80f5f45af20480963e8905994ca649b22ce2c9367d00599820d5d963cfd23d7f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:03:07 GMT
content-encoding: gzip
via: 1.1 e93a60ebfa6b75999bc2059ce06c6526.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 18:03:41 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-C3
age: 28567
etag: "4b9e1e79dd74d9efbe8f0bd63c3cb0ac"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16720
x-amz-cf-id: edOqGuTvd7T8NqFo0BHTVckysoYE414S-qMwSjpFxLlhIat553Z_mg==

GET
H2 200 lastsecondcoupon.js Show response
cdn.hextom.com/js/ 33 KB
12 KB 154ms
65ms Script
application/javascript 13.33.165.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hextom.com/js/lastsecondcoupon.js?shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.165.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-165-53.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 102af085a7862126f2483b4a87c131e7ea3f203cab1a31e463eebb7e46fafe1a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:03:09 GMT
content-encoding: gzip
via: 1.1 e93a60ebfa6b75999bc2059ce06c6526.cloudfront.net (CloudFront)
last-modified: Tue, 31 Oct 2023 17:52:06 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-C3
age: 28565
etag: "5faa852be1f2ca809d7adb09cf23421f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12250
x-amz-cf-id: _sPDs3EFglnUg7sO-ELANZvZilRiAeXta8gNMeom31b3LEMud_J6ag==

GET
H2 200 easy_product_dl_get_product_download.js Show response
app-easy-product-downloads.fr/js/ajax/ 54 KB
10 KB 107ms
35ms Script
application/javascript 159.89.51.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app-easy-product-downloads.fr/js/ajax/easy_product_dl_get_product_download.js?shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

159.89.51.155 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9487cc44b6b12f122d1b85752ed59a1a77cb9863d9a4f6132819f56a74623eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Sep 2023 07:37:22 GMT
server: nginx
etag: W/"64fec3b2-d642"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 richpanel_shopify_script.js Show response
cdn.richpanel.com/js/ 25 KB
6 KB 145ms
45ms Script
application/javascript 13.226.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.richpanel.com/js/richpanel_shopify_script.js?appClientId=hak58601&tenantId=hak5860&shop=hakshop.myshopify.com&shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-139-67.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f721a76e7b7d5705065d495a4935c93c988aa14d7b834dd4d01f2565b5fe876

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:36:09 GMT
content-encoding: gzip
via: 1.1 3f97ce77b80aa342632c43cea94d6262.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jan 2024 13:53:25 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-C2
age: 51791
x-amz-server-side-encryption: AES256
etag: W/"e631aaa0cda83521d3ad59d498301b09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -rt1bQgurYaDppAbOjS344kJHerqS7Lke5fli3bzEpsQF100elBpkA==

GET
H2 200 embed.js Show response
gallery.cevoid.com/ 145 B
987 B 143ms
44ms Script
application/javascript 169.150.236.99
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://gallery.cevoid.com/embed.js?shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.236.99 Chicago, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-169-150-236-99.datapacket.com

Software

BunnyCDN-IL1-1069 /

Resource Hash

a9c1185153225c0ffec5c9d8ae4ac9a29301fba1a076f687dc6d0a4180fe98d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cdn-edgestorageid: 871
age: 1067955
cdn-cachedat: 01/03/2024 01:56:03
cdn-pullzone: 827019
content-disposition: inline; filename="embed.js"
server: BunnyCDN-IL1-1069
x-vercel-id: cle1::r2rhk-1704246963534-1708a358d7e9
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"0b4cb224d343afc34a0959e24df8ee40"
x-vercel-cache: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ebdc315b-a275-4912-b034-77e22b8dec79
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
cdn-requestid: d547ccc034994fac1da6c52b9b04aaf5
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 platform.js Show response
shy.elfsight.com/p/ 10 KB
4 KB 102ms
102ms Script
application/javascript 104.22.68.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shy.elfsight.com/p/platform.js?shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7d87832231c0254188f01e9288d261c56e6050e723ed8aebe1d9b4f58cb26a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 13:26:39 GMT
server: cloudflare
strict-transport-security: max-age=0
age: 2605
etag: W/"63987d8f-2711"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 844224692f8da1db-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 variant-description-app.js Show response
cdn.shopify.com/proxy/8ed777bb9319d8665f5b4dee6e36d7fbc9b91005c0a8e7b770dbe12eca26bcd6/variant-description.herokuapp.com/scripts/ 8 KB
4 KB 72ms
69ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/8ed777bb9319d8665f5b4dee6e36d7fbc9b91005c0a8e7b770dbe12eca26bcd6/variant-description.herokuapp.com/scripts/variant-description-app.js?shop=hakshop.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

9984478a14a7922d107383cf71af4f791ae3381700fc64890b6c654c7c36ee70

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: default-src 'none'; sandbox;
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
content-encoding: br
content-disposition: attachment
server-timing: imagery;dur=151.196, imageryFetch;dur=150.422, cfRequestDuration;dur=50.999880
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701337570&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=4uynN1xxxJ%2FfMvcdNeKOGds6o48bHJOFuAjuumpZ3uY%3D
x-request-id: 893b8468-3b8f-4034-a866-5f3de77b9101
last-modified: Tue, 17 Oct 2023 06:50:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjxQXVHOeQwDuS2S2QAc%2BXRKwZ52%2FS2VnFoehvz6q9XvnqM5u4KGU167GVaZ9BnuUe9h3%2FkRu8G5XoNDEDxOaPdblXey4bH4XU7OGYP%2Br6Vko1Mkp%2BCyUAQpKL5VsTJikQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600
timing-allow-origin: *
link: <https://cdn.shopify.com/proxy/8ed777bb9319d8665f5b4dee6e36d7fbc9b91005c0a8e7b770dbe12eca26bcd6/variant-description.herokuapp.com/scripts/variant-description-app.js>; rel="canonical"
cf-ray: 84422468d81039e9-YYZ

GET
H3 200 pandectes-core.js Show response
cdn.shopify.com/proxy/5e51f64a286f3ebbcd5fa54e72fd8e9eb6c3001c07c4fe954e7055282f36bf60/s.pandect.es/scripts/ 81 KB
25 KB 75ms
73ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/5e51f64a286f3ebbcd5fa54e72fd8e9eb6c3001c07c4fe954e7055282f36bf60/s.pandect.es/scripts/pandectes-core.js?shop=hakshop.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

0e6569ac12a1dd83fb0703042365e57e3c6329608bd356ce66997fbc36bb7386

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: default-src 'none'; sandbox;
via: 1.1 98b7320b51e0959a196c1c67c329533c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
content-encoding: br
content-disposition: attachment
server-timing: imagery;dur=13.621, imageryFetch;dur=13.261, cfRequestDuration;dur=55.000067
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6bf27b4c-9153-48c5-b0f3-b9b1350547f9
last-modified: Wed, 03 Jan 2024 11:35:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh33QBRebJ8Am7O%2F%2F%2BkLHVF2TxHjyJRAyHBaJi1TTKC%2FRmIRjKHsU4Di1UCyN6bst72pgDNWG1NSZPzvSjsxhwfz2fll7k3r14hVd1jEftVAgI9oEmIjU%2FfqFgDaOoBbxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
timing-allow-origin: *
link: <https://cdn.shopify.com/proxy/5e51f64a286f3ebbcd5fa54e72fd8e9eb6c3001c07c4fe954e7055282f36bf60/s.pandect.es/scripts/pandectes-core.js>; rel="canonical"
cf-ray: 84422468d81139e9-YYZ

GET
H2 200 launcher.js Show response
cdn.verifypass.com/seller/ 4 KB
2 KB 96ms
49ms Script
text/javascript 104.21.36.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.verifypass.com/seller/launcher.js?shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.36.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f25a8612359264b93d122f3e10a1dd0c6cc6ba8f42e1fbde39d7d05c4c6e61

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4K1XXKER9DTG99MX
age: 2756
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9xIYC+fS1oVlK/mSCePXlA/OsQT2HKK6BlJjXxbGmeDwdDg+pGMsQDZKVQAXCf9duuaTDzXYHew=
last-modified: Mon, 21 Aug 2023 18:04:07 GMT
server: cloudflare
etag: W/"052a6d14a02e9fc727bb907aaae181e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJH9VU4tLgcgeC1Wc%2BYZzjLyZfn2miLbY0mC8R%2F5efX3h8JUSQnW2HOtTZw5hjHn3pQQcmBKQcfuDydibZIJuznb4Bt3I0P70UccOja0qhzDMCuQa5iHVr3X%2B81FG3mvcMPoYZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84422469cc5a36cf-YYZ

GET
H2 200 device.js Show response
services.nofraud.com/js/ 16 KB
7 KB 130ms
46ms Script
text/javascript 34.192.153.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://services.nofraud.com/js/device.js?shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.153.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-153-252.compute-1.amazonaws.com

Software

/ Express

Resource Hash

41f902f4dceaf354a347b188c6f93d85a06747aa27be4011ecf9316754a87eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: gzip
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-headers: nofraud

GET
H2 200 customizery.js Show response
d1liekpayvooaz.cloudfront.net/apps/customizery/ 173 KB
55 KB 230ms
124ms Script
application/javascript 18.67.21.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1liekpayvooaz.cloudfront.net/apps/customizery/customizery.js?shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.21.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-21-187.yto50.r.cloudfront.net

Software

nginx /

Resource Hash

9848a862690624c479018d527e3dc2ce851aed35b76ce7780ebab860aa229887

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .myshopify.com admin.shopify.com .getmesa.com *.theshoppad.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: frame-ancestors 'self' *.myshopify.com admin.shopify.com *.getmesa.com *.theshoppad.com
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f92b450b48c98e711c027c1986c59944.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: YTO50-P1
x-flag: master
p3p: CP="NOI ADM DEV PSAi NAV OUR STP IND DEM"
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
pragma: cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding, Origin
x-header: f1eb0ba511e2
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: public, max-age=120
x-service: production
x-amz-cf-id: i99tHN6C42pzOmqz7mq5Zqrl3UyCizeeUGmKD3B-wg_3gs2VK09LLA==
expires: Fri, 12 Jan 2024 03:01:13 GMT

GET
H3 200 shopify-product-customizer.js Show response
cdn.shopify.com/proxy/f39ee967069193ed7a369b503abcde9452e43a00f6c261870de8951cea1468bd/static.cdn.printful.com/static/js/external/ 11 KB
5 KB 67ms
66ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/f39ee967069193ed7a369b503abcde9452e43a00f6c261870de8951cea1468bd/static.cdn.printful.com/static/js/external/shopify-product-customizer.js?v=0.28&shop=hakshop.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

a6f1fa128cb57c47533f60f453d1857045b9396c08d582c8f69e269c98960abe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: default-src 'none'; sandbox;
via: 1.1 4b6fe71895284848be1dfbfa1aef98b6.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-disposition: attachment
server-timing: imagery;dur=22.444, imageryFetch;dur=21.287, cfRequestDuration;dur=46.000004
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 22d8a0eb-8391-4633-9e74-17fda173cc19
last-modified: Wed, 08 Mar 2023 11:37:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPqQw%2FU8ymBzgmz9Wg0nyJvHQbcJhYYR9u2laDe8ZGG4qMLyAkgnaHDatrMBv2g7reaI%2BF7vNK0H0k4Z7IOiTx4E2hHE6zSSgFn2PyNYhIZsC6%2FuqDpNJpMCp9RgbFy%2FOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
timing-allow-origin: *
link: <https://cdn.shopify.com/proxy/f39ee967069193ed7a369b503abcde9452e43a00f6c261870de8951cea1468bd/static.cdn.printful.com/static/js/external/shopify-product-customizer.js>; rel="canonical"
cf-ray: 84422468d81439e9-YYZ

GET
H2 200 14756_1681165621.js Show response
app.backinstock.org/widget/ 105 KB
27 KB 109ms
42ms Script
text/javascript 172.64.160.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.backinstock.org/widget/14756_1681165621.js?category=bis&v=6&shop=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.160.31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd8d09414809c893b7ccad8bce787e1db4e0723af8d698acd863d3fb21da27e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 968336
content-encoding: br
p3p: CP="Not used"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 06f7c69e-69b5-4cbe-8b3d-eba85f95b2ac
x-runtime: 0.054250
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 22:27:01 GMT
server: cloudflare
etag: W/"2ac2da29f8489bcfca0f5fda0227b534"
x-download-options: noopen
x-frame-options: ALLOWALL
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZV1uszIiudJbGkXefke9O7vHbUqOPRC4UZz7vy8H0SQXGJgyT3gaoBwS0eLJoA0wAxoESVbVIeXBx3tqV9MsIcG8Mi1r4KI79QvxtsWXJRiqhT574%2FYdAd6ntodgrYH9Y03Cntz"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2629746
cf-ray: 8442246a2b027290-EWR

GET
H/1.1 200
OK cfhda-gd6vduNV2x2nxY3jydde.js Show response
spcdn.incartupsell.com/ 190 KB
50 KB 105ms
34ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://spcdn.incartupsell.com/cfhda-gd6vduNV2x2nxY3jydde.js?c=1703474934&shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: WasabiS3/7.17.2963-2023-12-15-e1a2a5e70a (head2) /
Resource Hash: dd660ad7d1e9aad58ed4fdf5cf4ea5f200d9504228b01b23051b6dd46d0b79dc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Dec 2023 03:28:54 GMT
Server: WasabiS3/7.17.2963-2023-12-15-e1a2a5e70a (head2)
x-amz-request-id: 71713FD3CFAF3BA7:B
ETag: "d2327c81ba1e5c07c2cfe4095054be38"
X-HW: 1705028353.cds218.ch4.hn,1705028353.cds225.ch4.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2454
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51026
x-amz-id-2: rnFD6rgaXu3M4dWiKQ7Ul3xDQSqxNjnGUAq8KyOctzvDA8RpmDFJjJH1F0RyctOsbX7P3h4L+k/Q

GET
H2 200 shopify.widget.js Show response
shopify-widget.route.com/ 67 KB
13 KB 173ms
47ms Script
application/javascript 18.245.96.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-widget.route.com/shopify.widget.js?shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.96.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-96-11.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12a59c39da54e4716860e589c7c672e78c4e5387f100a792a93d4da87e0b03cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 17:20:34 GMT
x-amz-version-id: H6cVCyHJ_uZvpJB_6dNmHk7DaYqFIR8q
content-encoding: gzip
last-modified: Thu, 11 Jan 2024 17:20:32 GMT
server: AmazonS3
via: 1.1 0f0b1a29daedcaef491f1558b9ebf0f6.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
etag: W/"e0609c7aa123b079209f36ca4215984f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 34720
x-amz-cf-id: RYmKrOxCPXEVbAOvlMwvp_mKC08kXlxzEub3KSaxwo3B8rLolDG_ZQ==

GET
H3 200 cart.js Show response
cdn.shopify.com/proxy/d052318bdb34b9e3a86dd7e19880bd309b01e200067205620f498d73e473a98b/app.ilovebyob.com/static/shopify_app/js/ 1 KB
1 KB 55ms
54ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/d052318bdb34b9e3a86dd7e19880bd309b01e200067205620f498d73e473a98b/app.ilovebyob.com/static/shopify_app/js/cart.js?shop=hakshop.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

70b01118babfb2538a2b49b39ac5811718dea6d07c021d6eb11c27fbb58910ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: default-src 'none'; sandbox;
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
content-encoding: br
content-disposition: attachment
server-timing: imagery;dur=176.832, imageryFetch;dur=176.156, cfRequestDuration;dur=34.000158
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 08db4eb5-8c17-4cb3-abc4-0463a8a73d19
last-modified: Tue, 16 May 2023 09:26:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNsfsM3UAAYKzMLazrp2NU%2BqBJAgJynqA8zxu4n3RKKKtY96tNADGexKzr8ubulx9Sxh5bWsFHgAld4ChuhilB0f813OiWy6I5a9g5aZUV51naKxbI59cRS8cuXzGqXjGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
timing-allow-origin: *
link: <https://cdn.shopify.com/proxy/d052318bdb34b9e3a86dd7e19880bd309b01e200067205620f498d73e473a98b/app.ilovebyob.com/static/shopify_app/js/cart.js>; rel="canonical"
cf-ray: 84422468d81739e9-YYZ

GET
H/1.1 200
OK shop.js Show response
cdn.refersion.com/ 44 KB
45 KB 150ms
48ms Script
application/x-javascript 13.226.139.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.refersion.com/shop.js?key=pub_355091c9c4a36690e083&check_token=true&shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/blogs/payloads/everything-password-stealer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.139.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-139-18.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16701a9c39423db1ce993af1de65278f79277783570be4d9f9b68fc929bc95b0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: jz6sJcdYns52z_XR0_3XhgGULuyyC_I_
Date: Thu, 11 Jan 2024 15:41:04 GMT
Via: 1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YTO50-C2
Age: 40690
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
Content-Length: 45275
Last-Modified: Wed, 22 Feb 2023 15:36:53 GMT
Server: AmazonS3
ETag: "cc977ab0092de6dacc15d3692cbf1d89"
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
Content-Type: application/x-javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: dZjJZY3-_d5c04fissq8N-w-uvRbarYz7Pix9JvpzKJsj4lZgHn4Bw==

GET
H3 200 runtime.latest.en.7974f96f0a3f75176f55.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
4 KB 34ms
33ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.7974f96f0a3f75176f55.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 15969
content-encoding: br
server-timing: imagery;dur=21.492, imageryFetch;dur=20.425, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c2d1fc47-2e3f-410c-9ad5-23e421bbcf82
last-modified: Thu, 11 Jan 2024 22:20:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1RHBm7Anx1mCd%2BFB4KSpUzOGCJbpTqwyiae0hyWqBIJ21WpnDmxBoEPOMshH4oSjP5PLPqo%2BJdsJewsPjzG12jU0Dww87l6Sjv868KIotgXQOXh2r8W8RkUOl1xe2C2HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.7974f96f0a3f75176f55.js>; rel="canonical"
cf-ray: 84422468dad036c8-YYZ

GET
H2 200 spin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/spin.js/2.3.2/ 4 KB
2 KB 66ms
26ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/spin.js/2.3.2/spin.min.js?_=1705028352242

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/shop/t/57/assets/app.js?v=58165092932666955681685916278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e27aa13441d103329a705eb4f349942bead5855f75b92a4c91572175ccddde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3609253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1827
last-modified: Mon, 04 May 2020 16:16:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd6-10b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8ilxsQj2IdyFy6W7JJjhXb%2FjO3wI36t%2F2T4x%2BNutxea4VceiIaOmmdJUTLSkSS52PPS3fFc79cUdo4lK5zugzVJ5GwgjoV3GU8wCEmpiFWduDQAafT4q3gJHMTuTQx2dbPG7LM7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8442246a0a733704-YYZ
expires: Wed, 01 Jan 2025 02:59:13 GMT

GET
H3 200 cart.js Show response
shop.hak5.org/ 283 B
1 KB 149ms
149ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cart.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6b9ec7b3b09323805016086ad9b9518d86f95bc2cf5076956367c2050078262b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=17;desc="gc:1", db;dur=5, asn;desc="212238", edge;desc="YUL", country;desc="CA", servedBy;desc="mg6d", requestID;desc="2b8b4463-6407-417c-8ffc-f95f87fabe65", cfRequestDuration;dur=121.999979
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 2b8b4463-6407-417c-8ffc-f95f87fabe65
x-shardid: 112
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 682142
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
content-language: en
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yO2NrUXpcQgs0tik1o0rLuFAMpO4mQ%2BQTWKPVKUBtCXR4MIfBGTXZby8TgjVz9vBePLRayQJ9gQYltDAaHm4f9WCjdiy%2B%2Ffnt6seiC2EtkwgK8zw2g8xNYZfG8zw%2Fdc%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 844224690d637133-YUL
x-sorting-hat-podid: 112
x-cartjs-updatedat: 0

GET
H3 200 431.latest.en.7425d35eef441dd4f5ab.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
79 KB 83ms
83ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/431.latest.en.7425d35eef441dd4f5ab.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 19126
content-encoding: br
server-timing: imagery;dur=26.286, imageryFetch;dur=26.043, cfRequestDuration;dur=52.999973
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b969ffd1-f145-4d34-8661-25ebb276312e
last-modified: Thu, 11 Jan 2024 21:30:18 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YU5DBzZrXKDeYi%2B0XCR8OLkR7Lac8jXd6XiGOTOPXbQ%2FkHOwh%2FXNYqGHTqtfQqmtCcnUjbcWJMsMlRsnywxjBMTPtBwdokxpSn3QIP%2B1Ghf%2FoclWsYRQ6LgFEPGbdeTDhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/431.latest.en.7425d35eef441dd4f5ab.js>; rel="canonical"
cf-ray: 8442246a0cce36c8-YYZ

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame E266
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

10 KB
5 KB

93ms
48ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Protocol

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
x-amz-version-id: UVyRrNCT14O0dfFWDj2LMoXLPgAxLFso
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 8AED5Z59RP2ZJ5DA
age: 41
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ElxLPFWBDiDcYhbcgk9cHiY1l8AAJIp8quRVfaebLoSrCi9b40bn6GMr92MDUV4zrfnl436olRjMxc1/u3CR3Q==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h905S1mHDVr1ObIss0nI%2FkrqnBob%2FHfGBlXvFSuAmWNSPGVYCfRHCKZwcXaAzFEteoghFS1ZBzfMOchWQ8dVwnjDM0d1mMZ9zSXkyRMyhEeFDUzAeOCcW3QEW5kHPO0usoB13Os%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 8442246b6ffb3a03-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTWXPYrhSR5ZV3bXt7d8o2wygzAE9PjBBn1gpaRtNRv3tQDrFs%2BagxQUaUZzsr9ZNHwQTpeZuFnl3kS0ZCHERUKSzYsMm%2FdVhuwsHRlw61XqA8ZtZF4k48HziSMN84Js3JQzdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=3600
cf-ray: 8442246a6d7639fa-YYZ
expires: Fri, 12 Jan 2024 03:59:13 GMT

GET
H2 200 get-banner-settings Show response
reorder-master.hulkapps.com/api/ 2 KB
1 KB 359ms
320ms XHR
application/json 104.26.4.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://reorder-master.hulkapps.com/api/get-banner-settings?domain=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09e8f75fb3e70b4ca978186faf7d23fe113970312de50278813408f17d4cf4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4lNW4rYr3%2Fo4KF%2FrelLv5MHMywo99o4Oi1oUUNSaH6o9V4NrwbLrUI6036TtW4b0WP0l86mqb%2Bkb%2BMRsW6k4HjwbL6pBQMEV5L5yEdtBBGlMwORITtJhIOi7X%2F4RWImAxP0VdsluC7eRQwQzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 8442246a58f036d0-YYZ
x-xss-protection: 1; mode=block

GET
H2 200 sdk.bundle.js Show response
sdk.postscript.io/ 234 KB
65 KB 350ms
302ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.postscript.io/sdk.bundle.js?shopId=7832

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0068/2142/t/44/assets/postscript-sdk.js?v=1592432296&shopId=7832&shop=hakshop.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98a0bfe704eb841d5f559187c5ab18091d9501eefa62b5bd3a3effb86c97bde3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"0f42e94b20ec06216908ec15cf3d001f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNGTsjXaM8mMmZKgnlDiL%2BpQblTB01R4cgM%2F666vGa9uGB4ctzbnkjwuOBSKgGEdM5HkrZ2W1K6wX8yAUjZqPLkdhJr%2BzY4mqFjF%2F1mMdleqih8mBvWkP380jSnCo3DyvgfNvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8442246a783936af-YYZ

GET
H2 200 index.js Show response
gallery.cevoid.com/ 152 KB
53 KB 187ms
86ms Script
application/javascript 169.150.236.99
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://gallery.cevoid.com/index.js

Requested by

Host: gallery.cevoid.com
URL: https://gallery.cevoid.com/embed.js?shop=hakshop.myshopify.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.236.99 Chicago, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-169-150-236-99.datapacket.com

Software

BunnyCDN-IL1-1069 /

Resource Hash

7eec795a7a126d55ce5686384417ee9878662741f926aa16a131335feac8c0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
cdn-edgestorageid: 1068
age: 13772
cdn-cachedat: 01/03/2024 12:59:10
cdn-pullzone: 827019
content-disposition: inline; filename="index.js"
server: BunnyCDN-IL1-1069
x-vercel-id: cle1::qhqd9-1704286750083-97ebff8405c7
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"3d8c57edc890c90a793321eb2c73fe37"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ebdc315b-a275-4912-b034-77e22b8dec79
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
cdn-requestid: ef301ee3df7eabc608d68d06817a7df2
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 rsvp.min.js Show response
cdn.jsdelivr.net/npm/rsvp@4/dist/ 15 KB
5 KB 18ms
17ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/rsvp@4/dist/rsvp.min.js

Requested by

Host: cdn-shopify-script
URL: webpack://cdn-shopify-script/./src/index.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

130f840441a3fd863db483b22f526c4b8c1e8c4a1f6882c5741fa374dd2c18ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 Jan 2024 02:59:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 34095
x-jsd-version: 4.8.5
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4924
x-served-by: cache-fra-eddf8230057-FRA, cache-yyz4530-YYZ
x-jsd-version-type: version
etag: W/"3bdb-+LRsKbRANUPbmObDTp+L6FDO3XY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK / Show response
gdpr-mm-geolocation.herokuapp.com/ 38 B
819 B 149ms
38ms XHR
application/json 54.224.34.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-mm-geolocation.herokuapp.com/?api_key=85313dee-ae48-47fe-a555-54d72315cce0
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.34.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-34-30.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: c77537c7649df07eccbc2603ca522210b3224150a6c394f32d6524cc2c8f0ee2

Request headers

Accept: application/json; charset=utf-8
Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:13 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
X-Powered-By: Express
Etag: W/"26-HMjD6Fl0kUmI77qc53ha8rfj34A"
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705028353&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=oWRDGUb8K3qQVJemNi0wXOzrcZw%2BsUF5HTh527xRE1w%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 38
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1705028353&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=oWRDGUb8K3qQVJemNi0wXOzrcZw%2BsUF5HTh527xRE1w%3D

GET
H2 200 / Show response
shy.elfsight.com/p/boot/ 8 KB
3 KB 147ms
146ms Script
text/javascript 104.22.68.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shy.elfsight.com/p/boot/?callback=__esappsPlatformBoot7728802410&shop=hakshop.myshopify.com&w=630963ce-f926-4e01-84ea-f008c0d07078

Requested by

Host: shy.elfsight.com
URL: https://shy.elfsight.com/p/platform.js?v=1.5.7&shop=hakshop.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bddb0bfba93bcb88131a0c18649b1152eadb4a24761b96c9e9143eaf876649

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-apo-via: origin,host
cf-ray: 8442246a5987a1db-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6D1C 14 KB
6 KB 109ms
36ms Document
text/html 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=shop.hak5.org&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js?shop=hakshop.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://shop.hak5.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 02:59:13 GMT
server: Kestrel
server-processing-duration-in-ticks: 414650
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 fsb_get_bars Show response
fsb.hextom.com/ 2 KB
1 KB 115ms
40ms XHR
application/json 54.156.145.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fsb.hextom.com/fsb_get_bars?shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.145.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-145-102.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4dda8dbd144bbb4685d9506422880505f801026ed236b628d8d4f3d92272cb4a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Language, Origin, Cookie
content-language: en
content-type: application/json
access-control-allow-origin: https://shop.hak5.org
access-control-allow-credentials: true
content-length: 1048

GET
H2 200 epb_get_bars Show response
epb.hextom.com/ 51 B
245 B 113ms
39ms XHR
application/json 34.195.54.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://epb.hextom.com/epb_get_bars?shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.54.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-54-46.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 13de291769d9d69ddc145d3e8076931d5d3ef6f194a56b5f7bad9ff1382f4052

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
server: nginx
vary: Accept-Language, Origin, Cookie
content-language: en
access-control-allow-origin: https://shop.hak5.org
content-type: application/json
access-control-allow-credentials: true
content-length: 51

GET
H/1.1 200
OK osl.js Show response
social-login.oxiapps.com/js/ 34 KB
7 KB 53ms
53ms Script
application/javascript 104.197.53.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://social-login.oxiapps.com/js/osl.js

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/api/init?vt=928351&shop=hakshop.myshopify.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.197.53.66 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.53.197.104.bc.googleusercontent.com

Software

nginx/1.12.1 /

Resource Hash

d99c2255adeee99ea5a9adf362395a14d93e338e986e689c397bed40fc60af2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 14:02:20 GMT
Server: nginx/1.12.1
ETag: W/"6584456c-8749"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 13 Jan 2024 02:59:13 GMT

GET
H2 200 richpanel-root.js Show response
cdn.richpanel.com/js/ 67 KB
15 KB 47ms
47ms Script
application/javascript 13.226.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.richpanel.com/js/richpanel-root.js
Requested by: Host: cdn-shopify-script
URL: webpack://cdn-shopify-script/./src/index.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-139-67.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92ce55c1106ce4a03d89bdb64673211c03047f5066939f843ce23629dfcf5c49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:52:37 GMT
content-encoding: gzip
via: 1.1 3f97ce77b80aa342632c43cea94d6262.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 13:38:56 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-C2
age: 61732
x-amz-server-side-encryption: AES256
etag: W/"6ddec80e9f6225af80c0870758aad63f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: X4YB48Xt2NcvPAa4702xEf_nXqv2uCj1iRtRrcAr9teO1aat5LWq9Q==

POST
H2 200 ant_squire Show response
d-ipv6.mmapiws.com/ 86 B
266 B 107ms
57ms XHR
text/plain 104.18.42.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d-ipv6.mmapiws.com/ant_squire

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.42.177 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b59921a371f365c49e7de7eb40663d363298a98aa9427f6b8622e8fc427f0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 8442246b6945369d-YYZ

POST
H3 400 set_tracking_consent.json Show response
shop.hak5.org/ 76 B
2 KB 158ms
157ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/set_tracking_consent.json

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

5c0c22eafb3581f8331e13159b32b1c12dd586827afb435e2fe23d15e03c13c9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=adb4c6cd-3f55-45f3-ba42-6c475df070ce
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=adb4c6cd-3f55-45f3-ba42-6c475df070ce

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=adb4c6cd-3f55-45f3-ba42-6c475df070ce
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 69
server-timing: processing;dur=67, cfRequestDuration;dur=131.999969
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=adb4c6cd-3f55-45f3-ba42-6c475df070ce
x-sorting-hat-shopid: 682142
x-request-id: adb4c6cd-3f55-45f3-ba42-6c475df070ce
x-shardid: 112
x-shopify-stage: production
server: cloudflare
x-shopid: 682142
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2MHHg7MaEdDr%2B8LGFDj7pby4DANCH6ASvaB8URmRUd3v3%2F3rElnJUIdAOClXNIqUKcOpDiz8eVbF3V9KFrVAaqcpB%2BsrJ0RlW0gPzRA4PZB6jBB%2BFjgtH8x24nspFY%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-US
content-type: application/json; charset=utf-8
x-download-options: noopen
cf-ray: 8442246b4a4b7133-YUL
x-liquid-rendered-at: 2024-01-12T02:59:13.892571980Z
x-sorting-hat-podid: 112

POST
H3 400 set_tracking_consent.json Show response
shop.hak5.org/ 76 B
2 KB 163ms
163ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/set_tracking_consent.json

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

5c0c22eafb3581f8331e13159b32b1c12dd586827afb435e2fe23d15e03c13c9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=95510970-1a5b-4cd4-a77e-fc96f50ea66e
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=95510970-1a5b-4cd4-a77e-fc96f50ea66e

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=95510970-1a5b-4cd4-a77e-fc96f50ea66e
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 79
server-timing: processing;dur=73, cfRequestDuration;dur=138.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=95510970-1a5b-4cd4-a77e-fc96f50ea66e
x-sorting-hat-shopid: 682142
x-request-id: 95510970-1a5b-4cd4-a77e-fc96f50ea66e
x-shardid: 112
x-shopify-stage: production
server: cloudflare
x-shopid: 682142
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PpbAzXanvO388t%2Bj3hf1Hq5jRDl72ka17vWIyCR5wEtKTDZaUpD9XsqtYMNSJtccn5w9mW674OY9NCPi%2FdjmlP1kBfwipSyegyomoSKlgD1K8JFeU445SW8i6hz1BY%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-US
content-type: application/json; charset=utf-8
x-download-options: noopen
cf-ray: 8442246b4a4f7133-YUL
x-liquid-rendered-at: 2024-01-12T02:59:13.899119260Z
x-sorting-hat-podid: 112

GET
H3 200 cart.json Show response
shop.hak5.org/ 283 B
1 KB 90ms
89ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cart.json

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

aaec09685752653623387dcdfce01b83d3a13ee117a65c93a6a361f779f92af0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=11, db;dur=3, asn;desc="212238", edge;desc="YUL", country;desc="CA", servedBy;desc="hqlk", requestID;desc="98e84bce-7c9a-44a4-a5d4-16e580777840", cfRequestDuration;dur=64.000130
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: 98e84bce-7c9a-44a4-a5d4-16e580777840
x-shardid: 112
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 682142
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
content-language: en
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eh9F7RKHDedNmpMCoI79i7E%2FY0g83y8eEZSLXyKY9Xp0x4HElPWCqmFew6LewK8AUyfe%2FXhtPFA%2BTJMFLochQMjqeyqiKrdAy1qDPP0dK3B3MSdERaEDxl8L3WSific%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8442246b4a597133-YUL
x-sorting-hat-podid: 112
x-cartjs-updatedat: 0

GET
H2 200 jquery.fancyboxht.css
cdn.hextom.com/css/ 5 KB
2 KB 40ms
40ms Stylesheet
text/css 13.33.165.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hextom.com/css/jquery.fancyboxht.css
Requested by: Host: cdn.hextom.com
URL: https://cdn.hextom.com/js/lastsecondcoupon.js?shop=hakshop.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.165.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-165-53.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31eae06f6326485451a57eb0e08fd93f904deafa420c621cb949a2b94a9ea84e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:32:14 GMT
content-encoding: gzip
via: 1.1 e93a60ebfa6b75999bc2059ce06c6526.cloudfront.net (CloudFront)
last-modified: Mon, 05 Sep 2022 20:59:40 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-C3
age: 19711
etag: "0e6b1063387cc06a6a430ff452511656"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1465
x-amz-cf-id: PFSIknh5oWgAFv-LDc5-Bu3Phx2XtuG1bd6NRq-Yjrl1nZoM5t0NTA==

GET
H3 200 605.latest.en.314e89a8131329087f6a.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
78 KB 43ms
43ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/605.latest.en.314e89a8131329087f6a.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 22618
content-encoding: br
server-timing: imagery;dur=16.833, imageryFetch;dur=16.637, cfRequestDuration;dur=15.000105
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0e225d8e-a277-4751-9265-774ddd1f2439
last-modified: Thu, 11 Jan 2024 20:11:00 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpCn6EbrUoedrfxRowLT1W%2FtnhvLUfBTLr8zYNCcMICj62JT3BO6KbfnyX2ARcSPd%2F8ZkZbiz1wWK82w2hrH5LMn%2B%2FlKtRs3YQjoyUdFk8HeisNbxHj4KNE4D4kW5l3QCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/605.latest.en.314e89a8131329087f6a.js>; rel="canonical"
cf-ray: 8442246b5f9a36c8-YYZ

GET
H/1.1 200
OK country Show response
spcdn.incartupsell.com/ 45 B
318 B 95ms
35ms XHR
application/json 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://spcdn.incartupsell.com/country
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7becfb9e0a5ccbdcd505ea0205f20d569291586611dbdafb1d8ec4a302009a73

Request headers

Accept: application/json
Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Jan 2024 02:59:13 GMT
Content-Encoding: gzip
Connection: keep-alive
Transfer-Encoding: chunked
X-HW: 1705028353.cds213.ch4.hn,1705028353.cds213.ch4.sl
Content-Type: application/json

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 6D1C 420 B
553 B 37ms
37ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=onetag&domain=hak5.org&sn=ChromeSyncframe&so=0&topUrl=shop.hak5.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=shop.hak5.org&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6a5c69531fab94945fc1e024d59f92012bfbe76d7ce1039416038459229517c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/syncframe?topUrl=shop.hak5.org&origin=onetag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2725968
expires: 0

OPTIONS
H2 200 t
api.richpanel.com/v3/ Frame 0
0 288ms
102ms Preflight
text/plain 44.237.176.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.richpanel.com/v3/t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.176.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-176-20.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://shop.hak5.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,authorization,content-type,x-amz-date,x-amz-security-token,x-api-key,x-client,x-refresh,x-requested-with,x-tenant
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: RZ-oYietvHcESJQ=
content-length: 14
content-type: text/plain; charset=utf-8
date: Fri, 12 Jan 2024 02:59:14 GMT

POST
H2 200 t Show response
api.richpanel.com/v3/ 110 B
377 B 97ms
97ms XHR
application/x-amz-json-1.1 44.237.176.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.richpanel.com/v3/t
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.237.176.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-176-20.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f710e1a521921f92161463df00a271d851fe3f0545bec95306e3211ad44bcbab

Request headers

Access-Control-Allow-Origin: *
Referer: https://shop.hak5.org/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 12 Jan 2024 02:59:14 GMT
x-amzn-requestid: c9f12611-4c5b-4c4a-97eb-8b53bd250a29
content-length: 110
x-amz-id-2: ivYtMdJXlAROWdRX7aUAdwlghfrSSovBEYht8bkTOe0hKs83ds5Apjk7QIEABQDqpr5YsrZZzTVq5T1/FWp7qtQGSo/tG/xKWIsy3cjCJUo=
apigw-requestid: RZ-oZhinPHcESug=
content-type: application/x-amz-json-1.1

GET
H2 200 vendor~micro-app.js Show response
cdn.richpanel.com/js/ 221 KB
51 KB 47ms
47ms Script
application/javascript 13.226.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.richpanel.com/js/vendor~micro-app.js
Requested by: Host: tracking-script-2
URL: webpack://tracking-script-2/./src/index.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-139-67.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec2d6f1ef9c45c5c3aa64cc9a62cac76488a875c31e58e465fb669709f8587ee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 17:20:10 GMT
content-encoding: gzip
via: 1.1 3f97ce77b80aa342632c43cea94d6262.cloudfront.net (CloudFront)
last-modified: Wed, 08 Nov 2023 13:10:36 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-C2
age: 34748
x-amz-server-side-encryption: AES256
etag: W/"ee29674aa9f3a40906c2bd4201aeccf2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 1cyZrTIjm0eSDKh81v8mo3TPDa9VoIOLXszzixCDRmGLzv-4har03Q==

GET
H2 200 micro-app.js Show response
cdn.richpanel.com/js/ 161 KB
27 KB 73ms
73ms Script
application/javascript 13.226.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.richpanel.com/js/micro-app.js
Requested by: Host: tracking-script-2
URL: webpack://tracking-script-2/./src/index.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-139-67.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ab93d457dac9b83f821f860b709a937cc8bdb0e236b84375dffc42b58fefc33

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:14:00 GMT
content-encoding: br
via: 1.1 3f97ce77b80aa342632c43cea94d6262.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 15:13:55 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-C2
age: 42314
etag: W/"0ed3206dcaf42205817e3b70683215ae"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: P8sCfIFIMJE3M6Uks4LCatGwHSVi_iIx-2bIxMIhYsGG18SjhdIHfQ==

GET
H2 200 r.html Show response
pub-355091c9c4a36690e083.tracking.refersion.com/ Frame 2529 474 B
1 KB 141ms
42ms Document
text/html 13.226.139.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-355091c9c4a36690e083.tracking.refersion.com/r.html
Requested by: Host: cdn.refersion.com
URL: https://cdn.refersion.com/shop.js?key=pub_355091c9c4a36690e083&check_token=true&shop=hakshop.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.139.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-139-36.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 588794e29465c271a0ad76362f89ce1a8c3706e71fa8f906257377dc3bc27270

Request headers

Referer: https://shop.hak5.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 36159
content-length: 474
content-type: text/html
date: Thu, 11 Jan 2024 16:56:35 GMT
etag: "4ee1a4f461751e9918a36adb0409d3f7"
last-modified: Wed, 22 Feb 2023 15:36:53 GMT
server: AmazonS3
via: 1.1 dd96101693c9f13a5efc3b0280199938.cloudfront.net (CloudFront)
x-amz-cf-id: kPaTt_8Oinz3Yl58mMkPsj_sjR2EHF4jIKytZrE-K50MYl55F3ufXA==
x-amz-cf-pop: YTO50-C2
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
x-amz-server-side-encryption: AES256
x-amz-version-id: Rv5XbA_iUkUdnH6Uf8VNfQGmC__6yAr7
x-cache: Hit from cloudfront

GET
H/1.1 200
OK conf.json Show response
social-login.oxiapps.com/ 1 KB
2 KB 54ms
54ms Script
text/plain 104.197.53.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://social-login.oxiapps.com/conf.json?shop=hakshop.myshopify.com&vt=928351&callback=jQuery111004090950169811405_1543664809198

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/js/osl.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.197.53.66 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.53.197.104.bc.googleusercontent.com

Software

nginx/1.12.1 / PHP/5.5.9-1ubuntu4.24

Resource Hash

500947e3a8cc9d5229b0738282bd1106965e05e9998245d7765f2173d77c6350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: public
Date: Fri, 12 Jan 2024 02:59:13 GMT
Strict-Transport-Security: max-age=31536000
Last-modified: Fri, 12 Jan 2024 01:04:36 GMT
Server: nginx/1.12.1
X-Powered-By: PHP/5.5.9-1ubuntu4.24
Transfer-Encoding: chunked
Content-Type: Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=323, public
Connection: keep-alive
Expires: Fri, 12 Jan 2024 03:04:36 GMT

GET
H3 200 esapps.yottie.js Show response
shy.elfsight.com/s/33afda06-510b-41a6-a100-384e225c0a58/elfsight-youtube-gallery-f9d0f5ed7eab/app/dist/ 329 KB
73 KB 48ms
47ms Script
application/javascript 104.22.68.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shy.elfsight.com/s/33afda06-510b-41a6-a100-384e225c0a58/elfsight-youtube-gallery-f9d0f5ed7eab/app/dist/esapps.yottie.js

Requested by

Host: shy.elfsight.com
URL: https://shy.elfsight.com/p/platform.js?v=1.5.7&shop=hakshop.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcf8e8f0440e63eee4fe82016ae5e57d444348c91787607e66fb74e530c8f6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 06:14:49 GMT
server: cloudflare
strict-transport-security: max-age=0
age: 1902
etag: W/"61934c59-52391"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8442246bfa24369d-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 pricingTable.js Show response
static.elfsight.com/apps/pricing-table/release/a54624775db0bc12768c8b792423f7c0ee71111e/app/ 219 KB
55 KB 104ms
99ms Script
application/javascript 104.22.68.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/pricing-table/release/a54624775db0bc12768c8b792423f7c0ee71111e/app/pricingTable.js

Requested by

Host: shy.elfsight.com
URL: https://shy.elfsight.com/p/platform.js?v=1.5.7&shop=hakshop.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3b2f55418af0617a9f14763bd6dfbed7c91e0025f88cce5d8116bdc7d2331bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx00000a116b26dade04e93-006579c547-5369e07d-sfo2a
age: 1637
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Nov 2022 13:49:31 GMT
server: cloudflare
etag: W/"84554540f9a8a8e7b1ade991e21fd223"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=604800
cf-ray: 8442246c0cb3a1db-YYZ

GET
H2 200 slider.js Show response
static.elfsight.com/apps/slider/release/5b03977f6e032db68dd7033869ac21d617fd2352/app/ 490 KB
152 KB 42ms
36ms Script
application/javascript 104.22.68.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/slider/release/5b03977f6e032db68dd7033869ac21d617fd2352/app/slider.js

Requested by

Host: shy.elfsight.com
URL: https://shy.elfsight.com/p/platform.js?v=1.5.7&shop=hakshop.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2435e2a5948e6bf4c3613b5abe47db3928ffce186041fa138776011d5d7132db

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx0000027582c03fe0370cf-006579c407-5369b237-sfo2a
age: 1210
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 04 Oct 2022 12:42:13 GMT
server: cloudflare
etag: W/"06209c0d3aaa37b6f81f04451e2a221b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=604800
cf-ray: 8442246bfcafa1db-YYZ

GET
H2 200 logoShowcase.js Show response
static.elfsight.com/apps/logo-showcase/release/4507b20f6bd539e2c4f6ccc0cf62d6525c38fbcd/app/ 475 KB
149 KB 88ms
83ms Script
application/javascript 104.22.68.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/logo-showcase/release/4507b20f6bd539e2c4f6ccc0cf62d6525c38fbcd/app/logoShowcase.js

Requested by

Host: shy.elfsight.com
URL: https://shy.elfsight.com/p/platform.js?v=1.5.7&shop=hakshop.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a4dfebd02002f5af26557905c56e7b0a2e7b24937cb5b4cc8c30012ed26537

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx00000a471a5e1b0bf0d8c-006579c547-536a3570-sfo2a
age: 3005
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 22 Jun 2023 13:01:19 GMT
server: cloudflare
etag: W/"600a1acb31d0ff683bdb5d61acaf4e92"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type: Normal
cache-control: max-age=604800
cf-ray: 8442246c0cb1a1db-YYZ

GET
H3 200 cart.js Show response
shop.hak5.org/ 283 B
1 KB 97ms
96ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cart.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ea3047073a0abda4820245d94680ef195b03d1ac3a10a9b01e4f5d86c69168eb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=17, db;dur=8, asn;desc="212238", edge;desc="YUL", country;desc="CA", servedBy;desc="lmrm", requestID;desc="d57570df-bceb-49a8-825d-57804c0fcd4c", cfRequestDuration;dur=69.999933
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: d57570df-bceb-49a8-825d-57804c0fcd4c
x-shardid: 112
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 682142
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
content-language: en
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLSIQcD4tSc5a0vpKvQ8x6FSEkyJKwXfmpRczzEI6xaV02bJBWVNq4vtB46cQMRNcxTnfX5woxpYK9ye7W61AIdFPteLr5pqaiGNtvSS7PSZjMjksCOsM7vNNHuWIZA%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8442246c0be77133-YUL
x-sorting-hat-podid: 112
x-cartjs-updatedat: 0

GET
H3 200 598.latest.en.fe9c14be777555bb281a.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
20 KB 35ms
34ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/598.latest.en.fe9c14be777555bb281a.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 13484
content-encoding: br
server-timing: imagery;dur=25.922, imageryFetch;dur=25.657, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6a5a9cdc-1465-4cae-8984-c10d1f3c9f79
last-modified: Thu, 11 Jan 2024 23:00:11 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wAwVtsI36nnunpu49lZ6sFRCPmCz%2FSm4G8FdCEHvErWaWilLycLbLc8DlzeMXevMDME5plEQGTA7iY4YHqaXUumn%2FjLbkrWanFYJRcHWV2LOaYIgiBZMbgDFc4RH%2B08OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/598.latest.en.fe9c14be777555bb281a.js>; rel="canonical"
cf-ray: 8442246c08cf36c8-YYZ

GET
H2 200 hakshop.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame E266 423 B
1 KB 159ms
118ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/hakshop.zendesk.com

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

874a9e785f423ddbb4705b3b6e7b4bf61ec70b66f84c045a64103ea8eb688006

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8308fa718ea22c7f-SEA, 8308fa718ea22c7f-SEA
x-runtime: 0.003791
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"874a9e785f423ddbb4705b3b6e7b4bf6"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFZJ1thW%2FBpIYpIWd4HK694F51WpRUroSvTBVclcXN6neOhMjhoO8lgGNzlKumIrzq62ge1gtEktR1Swwuhe7ctWahgp9JRZfQTUpaHSBUFlgJjuD54jWtM4VghxMtADj4w%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8442246c5a4e3870-YYZ

GET
H/1.1 200
OK message Show response
app.easyquote.pw/ 44 B
1013 B 416ms
150ms Fetch
text/plain 95.216.147.64
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.easyquote.pw/message?domain=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.216.147.64 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.64.147.216.95.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2e2183880e7cdd1b8e00e78f55958c50bd71506cffd5db0e1adcffcd2637e4f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:14 GMT
Content-Security-Policy: frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: c44ec49e-001a-4353-9894-837b387e0d70
X-Runtime: 0.015560
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"2e2183880e7cdd1b8e00e78f55958c50"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK validation_message Show response
app.easyquote.pw/ 32 B
1001 B 429ms
163ms Fetch
text/plain 95.216.147.64
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.easyquote.pw/validation_message?domain=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.216.147.64 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.64.147.216.95.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dbbce402cc579aba25a590e02ae57514748ef3d507e42a2c06477f3a17709a4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:14 GMT
Content-Security-Policy: frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4f6135ca-c186-459d-b9dd-055ae45a3d48
X-Runtime: 0.016636
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"dbbce402cc579aba25a590e02ae57514"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK general_error_message Show response
app.easyquote.pw/ 50 B
1019 B 420ms
152ms Fetch
text/plain 95.216.147.64
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.easyquote.pw/general_error_message?domain=hakshop.myshopify.com

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.216.147.64 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.64.147.216.95.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

c00c776b159331c76424762d7617528fabd93877a583e5f647c23ce9270b392e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:14 GMT
Content-Security-Policy: frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 446d2b0f-babf-4620-9520-6e2abb516ac2
X-Runtime: 0.011689
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"c00c776b159331c76424762d7617528f"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK remodal.css
social-login.oxiapps.com/css/ 14 KB
5 KB 53ms
52ms Stylesheet
text/css 104.197.53.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://social-login.oxiapps.com/css/remodal.css

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/js/osl.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.197.53.66 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.53.197.104.bc.googleusercontent.com

Software

nginx/1.12.1 /

Resource Hash

b178402ad931d0bcafc6d3b7e372ad0d50f93638d01811f5ea0ac872e9fe038d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:13 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 19 Dec 2023 10:34:02 GMT
Server: nginx/1.12.1
ETag: W/"6581719a-36d3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 13 Jan 2024 02:59:13 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 1 KB
1 KB 143ms
54ms Script
text/javascript 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LcCR2cUAAAAANS1Gpq_mDIJ2pQuJphsSQaUEuc9&hl=en

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/js/osl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

GSE /

Resource Hash

52f41b713f4fe41f4f44ab08f40a9118cdbdca4d0a89852016e085998bc466cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 02:59:14 GMT

GET
H/1.1 200
OK widget Show response
social-login.oxiapps.com/ Frame 56F3 13 KB
4 KB 110ms
60ms Document
text/html 104.197.53.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/shop/t/57/assets/app.js?v=58165092932666955681685916278

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.197.53.66 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.53.197.104.bc.googleusercontent.com

Software

nginx/1.12.1 / PHP/5.5.9-1ubuntu4.24

Resource Hash

1005b2a1a7cf2562e097c41df50b3a0ec2df0e8bb637c4a123cef6d865f14a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shop.hak5.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=7200, public
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 02:59:14 GMT
Expires: Fri, 12 Jan 2024 04:59:14 GMT
Last-modified: Fri, 12 Jan 2024 02:59:14 GMT
Pragma: public
Server: nginx/1.12.1
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.9-1ubuntu4.24

GET
H/1.1 200
OK widget Show response
social-login.oxiapps.com/ Frame 1ECF 13 KB
4 KB 151ms
56ms Document
text/html 104.197.53.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/shop/t/57/assets/app.js?v=58165092932666955681685916278

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.197.53.66 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.53.197.104.bc.googleusercontent.com

Software

nginx/1.12.1 / PHP/5.5.9-1ubuntu4.24

Resource Hash

1005b2a1a7cf2562e097c41df50b3a0ec2df0e8bb637c4a123cef6d865f14a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shop.hak5.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=7200, public
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 02:59:14 GMT
Expires: Fri, 12 Jan 2024 04:59:14 GMT
Last-modified: Fri, 12 Jan 2024 02:59:14 GMT
Pragma: public
Server: nginx/1.12.1
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.9-1ubuntu4.24

POST
H3 200 produce
shop.hak5.org/.well-known/shopify/monorail/v1/ 0
724 B 98ms
97ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shop.hak5.org/.well-known/shopify/monorail/v1/produce
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=71.000099
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: db97f92c-7f15-43b1-8fd1-8679360bf37a
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0ovqqiU5IfY8RpqB84DkUrJtzC6Pk8aJ79bYNkaHS9yjKQ3h2q8xFiA1fBuF%2BbXioqBQngRXes3xzHGl28p5EGDtExKFUMKUOYUqTsC3nUG1zKbovtAvWigIB%2FAMB0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://shop.hak5.org
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8442246c4c377133-YUL

OPTIONS
H2 200 new-config
ws-prod.richpanel.com/tenant/messenger/ Frame 0
0 523ms
89ms Preflight
text/plain 52.88.26.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-prod.richpanel.com/tenant/messenger/new-config?initiator=messenger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.26.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-26-53.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shop.hak5.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Accept,Origin,X-Amz-Date,X-Tenant,Authorization,X-Api-Key,X-Amz-Security-Token,Access-Control-Allow-Headers,X-Requested-With,Access-Control-Allow-Origin,X-Refresh,X-Client,X-Access
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin: *
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 12 Jan 2024 02:59:14 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express

POST
H2 200 new-config Show response
ws-prod.richpanel.com/tenant/messenger/ 10 KB
4 KB 181ms
180ms XHR
application/json 52.88.26.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-prod.richpanel.com/tenant/messenger/new-config?initiator=messenger
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.26.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-26-53.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: 0bccddb41823c44f0f3dedce43370c196735f9888a2562a2ca57c272fedeb5d9

Request headers

Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-encoding: gzip
etag: W/"2981-cJHBi6LqzFYTOUZ2iqXmCSRv7f0"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Accept, Origin, X-Amz-Date, X-Tenant, Authorization, X-Api-Key, X-Amz-Security-Token, Access-Control-Allow-Headers, X-Requested-With, Access-Control-Allow-Origin, X-Refresh, X-Client, X-Access

GET
H3 200 app.latest.en.c00c329719880e572c71.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
218 KB 75ms
74ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.c00c329719880e572c71.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 13739
content-encoding: br
server-timing: imagery;dur=32.620, imageryFetch;dur=32.284, cfRequestDuration;dur=39.000034
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7b44de35-21c0-4fd0-9024-1baa670af7c1
last-modified: Thu, 11 Jan 2024 23:05:51 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8vgxWlhCG7%2BO8FzCI9XayDiLMhKnvJRgXxp62lzD6GWkAhioX27P4J1GE%2BxBYjZJbBXovKRWUNzTH2qkpBWQXS6ff8ypzfxrfC%2FYQajjOxNl4WhxLYsiksSXaT3jD%2F%2FOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.c00c329719880e572c71.js>; rel="canonical"
cf-ray: 8442246c79ae36c8-YYZ

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 138ms
62ms Script
text/javascript 142.251.163.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: shy.elfsight.com
URL: https://shy.elfsight.com/s/33afda06-510b-41a6-a100-384e225c0a58/elfsight-youtube-gallery-f9d0f5ed7eab/app/dist/esapps.yottie.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f93.1e100.net

Software

ESF /

Resource Hash

012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 12 Jan 2024 02:59:14 GMT

GET
H2 200 config Show response
api.postscript.io/sdk/ 837 B
1016 B 167ms
70ms Fetch
application/json 18.67.17.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.postscript.io/sdk/config?shop_id=7832
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.17.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-17-24.yto50.r.cloudfront.net
Software: /
Resource Hash: 16332649b8f35d1d673ba4ad1d48ec7f3ed8003f0cbd65c4875ecea9a35f0e6c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-encoding: gzip
via: 1.1 4ddb3602395856d6beaf04efda8919b2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 837
x-amzn-remapped-server: gunicorn/20.0.4
x-amz-cf-pop: YTO50-P1
x-amzn-requestid: 00f861f8-8290-4ddd-a886-d2ce840941ae
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: RZ-oYGiFIAMEt1A=
content-length: 471
vary: Origin
content-type: application/json
access-control-allow-origin: https://shop.hak5.org
cache-control: public, max-age=300
access-control-allow-credentials: true
x-amzn-remapped-date: Fri, 12 Jan 2024 02:58:28 GMT
x-amz-cf-id: GlhW-sr-PkSQCj1zRKvnpQQU2Xskqmvha4yECRVAvtJ2UKUmuIpXDg==

GET
H2 200 get_coupons Show response
lsc.hextom.com/ 37 B
231 B 1157ms
39ms XHR
application/json 35.175.40.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lsc.hextom.com/get_coupons?shop=hakshop.myshopify.com
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.40.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-40-141.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bf057330d70c2ce7a54fbe7e34e4e4ca41360b1819e013a5d632ada8b5ecaf7b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
server: nginx
vary: Accept-Language, Origin, Cookie
content-language: en
access-control-allow-origin: https://shop.hak5.org
content-type: application/json
access-control-allow-credentials: true
content-length: 37

GET
H3 200 bootstrap3.3.5.css
cdn.shopify.com/s/files/1/1335/5701/t/12/assets/ Frame 56F3 119 KB
21 KB 37ms
36ms Stylesheet
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1335/5701/t/12/assets/bootstrap3.3.5.css?v=3239892402173170571697398199

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

2a1eb3955f4655fdcc988c2d99804bf49367475950d079fe486c44a478772d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://social-login.oxiapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 3778898
content-encoding: br
server-timing: imagery;dur=283.589, imageryFetch;dur=61.496, cfRequestDuration;dur=15.000105
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 86f11797-dcbb-486b-ae23-74f9c2895a7c
last-modified: Thu, 02 Nov 2023 12:35:27 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXb%2FnLJG2QAs8uNzZV2Q9TYRMVTDnaT3AguVg%2FUy4HpYCHGJSBtCVTaFM9ixcEIfIli%2FxuFgVG8SouT9lw1s5SrAjxzxFzhAV7JZO6izeROLFdwoQcv8IQN74rEmDVqdzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1335/5701/t/12/assets/bootstrap3.3.5.css>; rel="canonical"
cf-ray: 8442246d3f4239e9-YYZ

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 56F3 30 KB
7 KB 178ms
26ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://social-login.oxiapps.com/
Origin: https://social-login.oxiapps.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 3609166
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 26b8ca603d847c702dfa4a0c07122a1c
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8442246e2daa38e4-YYZ
cdn-requestpullsuccess: True

GET
H/1.1 200
OK custom.css
social-login.oxiapps.com/css/ Frame 56F3 9 KB
2 KB 51ms
51ms Stylesheet
text/css 104.197.53.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://social-login.oxiapps.com/css/custom.css

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.197.53.66 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.53.197.104.bc.googleusercontent.com

Software

nginx/1.12.1 /

Resource Hash

47affd3dca14ba921fa49af214e765bfb460343e320427effe53c2762cfe71cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:14 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 24 Nov 2023 13:17:47 GMT
Server: nginx/1.12.1
ETag: W/"6560a27b-22b8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 13 Jan 2024 02:59:14 GMT

GET
H/1.1 200
OK xdlspma.min.js Show response
cdn.refersion.com/ Frame 2529 2 KB
3 KB 42ms
42ms Script
application/x-javascript 13.226.139.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.refersion.com/xdlspma.min.js
Requested by: Host: pub-355091c9c4a36690e083.tracking.refersion.com
URL: https://pub-355091c9c4a36690e083.tracking.refersion.com/r.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.139.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-139-18.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd3a2ff5820c53c4fba21ec7beb8c3b752875693f720ba4a2e70a35b9d75dbdd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pub-355091c9c4a36690e083.tracking.refersion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: h14.0Y4Yu1Xl18Mzw0OfX4nX_K4xt4TO
Date: Thu, 11 Jan 2024 22:33:09 GMT
Via: 1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YTO50-C2
Age: 15966
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:441910979855:build/Refersion-Tracking-Build:73628c93-f755-4b3d-8d5c-a1ebdbebadc0
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-codebuild-content-md5: 91ec5cf5fda69cb6cd86040e2dd38391
Content-Length: 2152
Last-Modified: Wed, 22 Feb 2023 15:36:54 GMT
Server: AmazonS3
ETag: "66303cfc2f88333c918052f78b6d0215"
x-amz-meta-codebuild-content-sha256: 42d26243f1280db4b5fe4f14da9a93e79ee5c40ecaa56e39403c9417ef85fa11
Content-Type: application/x-javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: n9Ib5tg6nybvsTYjJptuuKejKgLWc5WGYYpo-d7DyaaR3Ell9QcYHw==

GET
H3 200 bootstrap3.3.5.css
cdn.shopify.com/s/files/1/1335/5701/t/12/assets/ Frame 1ECF 119 KB
21 KB 33ms
32ms Stylesheet
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1335/5701/t/12/assets/bootstrap3.3.5.css?v=3239892402173170571697398199

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

2a1eb3955f4655fdcc988c2d99804bf49367475950d079fe486c44a478772d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://social-login.oxiapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 3778898
content-encoding: br
server-timing: imagery;dur=283.589, imageryFetch;dur=61.496, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 86f11797-dcbb-486b-ae23-74f9c2895a7c
last-modified: Thu, 02 Nov 2023 12:35:27 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsgPLrMpnS5tj%2FYxUcazJt9JwPQ534C1otlepjxO7tV1QWiZMn6FE1HjGZW8czellT9DRG%2F6rKMOKoCt7b7lpGtVOU3nTehkfbz30lX4rJuAYRVVKaQ097sSpd1fakbUKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1335/5701/t/12/assets/bootstrap3.3.5.css>; rel="canonical"
cf-ray: 8442246de85b39e9-YYZ

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 1ECF 30 KB
7 KB 72ms
30ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://social-login.oxiapps.com/
Origin: https://social-login.oxiapps.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 3609166
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 26b8ca603d847c702dfa4a0c07122a1c
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8442246e3dac38e4-YYZ
cdn-requestpullsuccess: True

GET
H/1.1 200
OK custom.css
social-login.oxiapps.com/css/ Frame 1ECF 9 KB
2 KB 49ms
49ms Stylesheet
text/css 104.197.53.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://social-login.oxiapps.com/css/custom.css

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.197.53.66 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.53.197.104.bc.googleusercontent.com

Software

nginx/1.12.1 /

Resource Hash

47affd3dca14ba921fa49af214e765bfb460343e320427effe53c2762cfe71cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 02:59:14 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 24 Nov 2023 13:17:47 GMT
Server: nginx/1.12.1
ETag: W/"6560a27b-22b8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 13 Jan 2024 02:59:14 GMT

GET
H3 200 731.latest.en.13d4de92b88330e8fea9.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
963 B 30ms
30ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/731.latest.en.13d4de92b88330e8fea9.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 13484
content-encoding: br
server-timing: imagery;dur=21.450, imageryFetch;dur=20.905, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1013d01a-a076-4034-8916-6c463b0bdb50
last-modified: Fri, 05 Jan 2024 00:57:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BHWGHelMb7wZVDI7OyjivBJsWX7pnt9D%2FuAgwUM%2F5Xl%2FDSl0kqfj5YXjo4iujgUcounkaLstmzCcBYv1mMoSXUiX2DIYxv%2BtGBTxhsFIrXzFQNihGbST5zg2bA4LhTb8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/731.latest.en.13d4de92b88330e8fea9.js>; rel="canonical"
cf-ray: 8442246dfc6436c8-YYZ

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 503 KB
201 KB 38ms
37ms Script
text/javascript 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcCR2cUAAAAANS1Gpq_mDIJ2pQuJphsSQaUEuc9&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 22:18:18 GMT

GET
H2

200

aa4aa023-c569-4a2d-9ca2-60c25a132074.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/aa4aa023-c569-4a2d-9ca2-60c25a132074.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/aa4aa023-c569-4a2d-9ca2-60c25a132074.png

7 KB
7 KB

53ms
48ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/aa4aa023-c569-4a2d-9ca2-60c25a132074.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f730408fd2b140fcca6a4ee5d6cbdb05c476cbab279abf64a74478a3598e524e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000000135cfd6d-006559b2bd-41db5be1-nyc3a
age: 3765166
cf-polished: origSize=10882, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 7079
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:41:07 GMT
server: cloudflare
etag: "52776d5f1a60eba44b2c5fa28ce95041"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6X8t9M%2F5sBAKvNlHhIO%2F%2BCIIZtoKH4hY9wb1XbZmz%2Fq9Iw0IwWcj4dfXI%2BMxznGEawfQJYruxExhWJMwahgQunW6LhcYu35Sqfqdn4NJhA%2Bl76fz398cfoD961WAyIDCnuuIAUnng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246ebeac3a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/aa4aa023-c569-4a2d-9ca2-60c25a132074.png
cache-control: max-age=3600
cf-ray: 8442246e78bda1db-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2

200

2aa8cfe8-0d9a-41b4-a9b3-72bae79bd521.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/2aa8cfe8-0d9a-41b4-a9b3-72bae79bd521.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/2aa8cfe8-0d9a-41b4-a9b3-72bae79bd521.png

2 KB
2 KB

59ms
59ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/2aa8cfe8-0d9a-41b4-a9b3-72bae79bd521.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5306c3ac7268cbc4422431d0d1ec1775d43d80a2d1cff38015962fc25e090734

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000000159a479d-00656729e9-41e2cfd5-nyc3a
age: 3694842
cf-polished: origSize=3477, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 1837
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:41:34 GMT
server: cloudflare
etag: "235ba81459f0f33277fb27ee6efcc97f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVS8rzgWrtnIaIp3zmUGOFYPRODc0OBiXl7umu6XWSSPLm7kWBZULwSc%2BC5COCXR1%2FVCVMKHbEOL9BIzg28eiNPCD1OtHn%2Fcc11yKPIpZunaIqBha3mKh1NEUEcTFdnyc%2FE1r48K5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246ecee13a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/2aa8cfe8-0d9a-41b4-a9b3-72bae79bd521.png
cache-control: max-age=3600
cf-ray: 8442246e78b9a1db-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2

200

8eb4f26a-2adb-4bdb-b554-5e73f6d3069e.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8eb4f26a-2adb-4bdb-b554-5e73f6d3069e.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8eb4f26a-2adb-4bdb-b554-5e73f6d3069e.png

2 KB
2 KB

41ms
36ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8eb4f26a-2adb-4bdb-b554-5e73f6d3069e.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8155902af9a889918c8ac7d7f3cf145463b47beeee92ad60766099700b7f9566

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000001553bb50-00656593bf-41e2cfd5-nyc3a
age: 3770839
cf-polished: origSize=3978, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 2108
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:42:08 GMT
server: cloudflare
etag: "613f7caec7df68f3b4d991bd98d4a489"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFnv5INeLzkkszoORAy6NVgI9QkQndASmQRF1KSyEPRlvh23nDPVanYW8o%2FEiElLLlvHE%2Fr2mUUslWrZaPFm3AhM4etBN26p9aYrH7sScJDeKaisF2xBcM0V4YLUJBEVj9lqguZGqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246ebea93a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8eb4f26a-2adb-4bdb-b554-5e73f6d3069e.png
cache-control: max-age=3600
cf-ray: 8442246e78c0a1db-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2

200

9b970a4b-23ae-492a-9c7f-38560d189ba0.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/9b970a4b-23ae-492a-9c7f-38560d189ba0.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/9b970a4b-23ae-492a-9c7f-38560d189ba0.png

9 KB
10 KB

34ms
31ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/9b970a4b-23ae-492a-9c7f-38560d189ba0.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc8ec4e2d996580dd6d9f2dfab041cea113564c8da23d58096b91ee824dc2bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000001311e114-006557d24f-41e48701-nyc3a
age: 3865825
cf-polished: origSize=15309, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 9408
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:42:39 GMT
server: cloudflare
etag: "68c3c564b85e5bc71ec5a06fe31365ae"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKdsCw6JlkPFjzmN8UTZHvRdWXR4yWtpeuIXPg1eUD3ENt5Nlb5eyA%2FC94bkffTeN23WH9MP5b1M8lG5yuFJ3I6BWfElLUatShvLUJPSCXDeDnhi9ESseaEjO3%2BRbPm7I79t3kXuRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246ebeb03a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/9b970a4b-23ae-492a-9c7f-38560d189ba0.png
cache-control: max-age=3600
cf-ray: 8442246e78c6a1db-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2

200

4fb9058b-642a-4802-a59c-f3668d0ce6be.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/4fb9058b-642a-4802-a59c-f3668d0ce6be.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/4fb9058b-642a-4802-a59c-f3668d0ce6be.png

8 KB
8 KB

59ms
55ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/4fb9058b-642a-4802-a59c-f3668d0ce6be.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52f4f0c859599e872a165cc125008762fd4e6bc03fb26adfafa6919debaf5b3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000001311ccef-006557d24f-41e2d025-nyc3a
age: 3843755
cf-polished: origSize=14082, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 7905
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:42:47 GMT
server: cloudflare
etag: "d92a04baf1f21bc45f228503739c3212"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ogdq223giFDJ88URaGdA4UpsQZPBWFXnQzi37yuQ8UQcTsGSV7v2cThzZkT%2F9%2Bsazqq%2FTe9I1FyozOMQlB0q02Hjd3DDoPYq7vo3o1yZ4p9jY96IJUVooSx1wBUIM6dZHfkvntANwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246ebeaf3a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/4fb9058b-642a-4802-a59c-f3668d0ce6be.png
cache-control: max-age=3600
cf-ray: 8442246e78c5a1db-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2

200

0a63d417-249d-447b-a2a2-af2575e7108b.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/0a63d417-249d-447b-a2a2-af2575e7108b.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/0a63d417-249d-447b-a2a2-af2575e7108b.png

6 KB
7 KB

41ms
37ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/0a63d417-249d-447b-a2a2-af2575e7108b.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0fd7bffaca003cb967455fa9c2d5e843229d8487b6469a3795b151dcd7980bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000000152add3d-0065648e4c-41e48701-nyc3a
age: 3777519
cf-polished: origSize=11294, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 6495
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:42:00 GMT
server: cloudflare
etag: "6eaa659a91b7ebadeb59a398538f4a61"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAXtAR9lPg4QYt9CfHX99jgZgKoxVtlQtOouP1pA9%2Fj65LTvVQqxf%2BZZhccSd%2FWpubWsFRuE40j47Kfy63knqLTioe2UT%2BJJ6cBDtOkZdqvx2kYtCvD1dtCkFRFpOfprKKwf73MhJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246ebeab3a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/0a63d417-249d-447b-a2a2-af2575e7108b.png
cache-control: max-age=3600
cf-ray: 8442246e78c3a1db-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2 200 watchdogs2.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/635fae92-309d-48e2-a50d-4d6ca4881bd8/ 4 KB
5 KB 78ms
34ms Image
image/png 104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/635fae92-309d-48e2-a50d-4d6ca4881bd8/watchdogs2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718d830919f470b8cf7ec3ee7da781a8a750cd988e64f72690fc67d0076e5fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000001311ccf7-006557d24f-41e2d025-nyc3a
age: 4427130
cf-polished: origSize=9411, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 4470
cf-bgj: imgq:100,h2pri
last-modified: Thu, 06 Apr 2023 22:57:55 GMT
server: cloudflare
etag: "a3701d0add2f244c18cf59f95e9ec087"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inFDmkB8zsAU%2FEW%2BNbtX0F8ECWeKi9T%2BaiC2MAX70asyv5yrTVdnABMhAe95sf98zPYliJmV0IVKmMk%2By8EKysLf7PF7aEZ0md2G899hO1ppPYpBvue9jMnOx9Y73BSBX%2BEPe%2FqARg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246ebea73a04-YYZ

GET
H2

200

37f388ec-29b8-433a-9d5c-dee3d0a08e9c.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/37f388ec-29b8-433a-9d5c-dee3d0a08e9c.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/37f388ec-29b8-433a-9d5c-dee3d0a08e9c.png

6 KB
7 KB

29ms
29ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/37f388ec-29b8-433a-9d5c-dee3d0a08e9c.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

914ac23ff1471d9baed5887c094304ae1940c7cc65233c4f6b842bf4093ad83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000001590df78-006566fce0-41e2cfd5-nyc3a
age: 3777518
cf-polished: origSize=12053, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 6401
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:42:31 GMT
server: cloudflare
etag: "b0fa8b790a8bc165958d82b20669dbcc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwYOuaBw0Z2KsUGn%2BVi23CMQkEY2JSot1cIIzrc%2FGmmIehCAB8d413TolGODhD6AOfDekqF1KW3k%2ByjmgoqfYO9T6B0iUaWELioIViAXGLtqCKPpwaNAxIO%2Bf%2BrCPlARecEh0q8nPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246f0f723a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/37f388ec-29b8-433a-9d5c-dee3d0a08e9c.png
cache-control: max-age=3600
cf-ray: 8442246ebe85369d-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2

200

cd0e5cd7-3888-4b48-b65e-f15e3bccf1b9.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/cd0e5cd7-3888-4b48-b65e-f15e3bccf1b9.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/cd0e5cd7-3888-4b48-b65e-f15e3bccf1b9.png

5 KB
5 KB

32ms
31ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/cd0e5cd7-3888-4b48-b65e-f15e3bccf1b9.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2406999c0b677078de0feff848d7916ebde891a1a91da1422bb8de2c4a192456

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000001311d96e-006557d24f-41db5b96-nyc3a
age: 542811
cf-polished: origSize=8734, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 5132
cf-bgj: imgq:100,h2pri
last-modified: Tue, 22 Mar 2022 14:33:18 GMT
server: cloudflare
etag: "4fda7dc208070ea544fa38b31d4f630b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkclWSUPHQp9o59GaiPrUIu%2BTRF6QYsiNcWk9KnIDXAMpDP%2FCqchzKogqM9SDkwZNqKz5zkaRuqeHtP%2BvO05ReyTlbYLelIlIssBjB22DGGBhPDWbwXipzsEPtb%2F7QR9g8bEX0T2iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246eff3f3a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/cd0e5cd7-3888-4b48-b65e-f15e3bccf1b9.png
cache-control: max-age=3600
cf-ray: 8442246ebe89369d-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2

200

8ace2100-fcc3-46ba-a949-b44c7c98a01a.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8ace2100-fcc3-46ba-a949-b44c7c98a01a.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8ace2100-fcc3-46ba-a949-b44c7c98a01a.png

3 KB
3 KB

39ms
39ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8ace2100-fcc3-46ba-a949-b44c7c98a01a.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5441a44bdac1bf1ffb404ab79d680f3cf01452821d2346a67df04b6fde132c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000001311e12b-006557d24f-41e48701-nyc3a
age: 3765166
cf-polished: origSize=5803, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 2986
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:41:43 GMT
server: cloudflare
etag: "9929e88f0fe64fb2d6b1284af41babd1"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOFBZP2tCMu7tdOWDqp1mxbv7rI8VUqtlFzuk0cOkxkbFsR6LIX84a3jfLMDQvg0d%2BPAHophFXNDyTUG2SAS4SFssVEMwnBqdMeyFx4zM43nf0IcivNJMBMfaioVR6xjhNKE1FZfzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246eff443a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/8ace2100-fcc3-46ba-a949-b44c7c98a01a.png
cache-control: max-age=3600
cf-ray: 8442246ebe8c369d-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2

200

f8345d5a-b7a3-45a0-a9f6-8b1e975f57a4.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/f8345d5a-b7a3-45a0-a9f6-8b1e975f57a4.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/f8345d5a-b7a3-45a0-a9f6-8b1e975f57a4.png

8 KB
8 KB

37ms
37ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/f8345d5a-b7a3-45a0-a9f6-8b1e975f57a4.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa5612ca93150aaa46685d4fa3bb36ce8a242210cdceb7707475621f355e7d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000000158b7751-006566e3c1-41e2cfd5-nyc3a
age: 3770839
cf-polished: origSize=13856, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 8136
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:42:22 GMT
server: cloudflare
etag: "125c0945410dbfc2c84c5fb5e82dd038"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH1M34CRqsYS58BboTyDPgAz9Bu3J5egCA28c0CQW0Eo3D2hDLb%2FIkmwqdqYSbkGy6GXTS%2FCoCdPoIoVjdAlfUw1ncjLTG4I94p4NE%2FdDoFNrG8fv5UprQWtenTgmqFoFP6%2Bo7ZL3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246eff473a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/f8345d5a-b7a3-45a0-a9f6-8b1e975f57a4.png
cache-control: max-age=3600
cf-ray: 8442246ebe90369d-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2

200

c44cad5f-ac9c-4537-b269-b37e1b718a84.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/c44cad5f-ac9c-4537-b269-b37e1b718a84.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/c44cad5f-ac9c-4537-b269-b37e1b718a84.png

9 KB
9 KB

33ms
32ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/c44cad5f-ac9c-4537-b269-b37e1b718a84.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8392c164a15fac019d3b838a75990d9902e70850732de7bdb964f87bac635039

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000001311cd20-006557d250-41e2d025-nyc3a
age: 4430167
cf-polished: origSize=16260, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 8847
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:41:52 GMT
server: cloudflare
etag: "40bfa21909acc6d434c493a9c9393bd3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMbMXcUU%2FbaDajyGVbI65%2F230bfobdWdxWFXSS1eeO%2F0T2f8TxRAJZRUMBYMKdZjAZwEd%2BYGUpVssgJ5qqP%2BPDpeemWdjXvBQiUX7cEX9z%2FtMjzbAW2Lf3QaLLA4Kh9UHUOznxeVTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246eff433a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/c44cad5f-ac9c-4537-b269-b37e1b718a84.png
cache-control: max-age=3600
cf-ray: 8442246ebe94369d-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2

200

d9fe5457-c435-4e01-861d-557dfccb08e0.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/
Redirect Chain

https://files.elfsight.com/storage/36b1ff01-1808-49f3-8a1a-0d377e72e86d/d9fe5457-c435-4e01-861d-557dfccb08e0.png
https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/d9fe5457-c435-4e01-861d-557dfccb08e0.png

2 KB
3 KB

31ms
30ms

Image
image/png

104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/d9fe5457-c435-4e01-861d-557dfccb08e0.png

Protocol

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b347b7b9e4e90c76a86a9156586c30594d63a1a953672972423e6d7b115f293

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000001562a285-006565dcd2-41db5be1-nyc3a
age: 3765166
cf-polished: origSize=4420, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 1911
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jan 2022 00:41:21 GMT
server: cloudflare
etag: "ec6d3a8de4571360a755286c4960eb01"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7TdhkL2pWUvFfOhovNHU6u4J6Vp3G%2Bc3saXmaXLkqtO09mKc%2FixznwAuUhefJwY2pA4QCLXCWCNxmtbXierjOrMHrChicNqrZNmYATXhzukTB27PaSszB3urLqYUrTKNPa79m9lbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246eff453a04-YYZ

Redirect headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=0
server: cloudflare
vary: Accept-Encoding
location: https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/d9fe5457-c435-4e01-861d-557dfccb08e0.png
cache-control: max-age=3600
cf-ray: 8442246ebe95369d-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:59:14 GMT

GET
H2 200 kaleidoscope.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/7a84e50a-51b0-4221-b26f-9151abccb9fb/ 7 KB
7 KB 102ms
59ms Image
image/png 104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/7a84e50a-51b0-4221-b26f-9151abccb9fb/kaleidoscope.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

143fac477d4af988dac93036b8993daabdf04155ec3075a19de3f19001548e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000000155a326e-006565af80-41e48701-nyc3a
age: 542811
cf-polished: origSize=12669, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 6874
cf-bgj: imgq:100,h2pri
last-modified: Thu, 06 Apr 2023 22:49:08 GMT
server: cloudflare
etag: "770f4aa65ade389c9d3e04a1e82fc391"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKdudxJXX3hRX3Zf2cdg5Rq5pioh9%2B0zJObd0HRRFGFGZu3zdIIKCNJtieOws6CLAvZd32c3vFFyv1bzOPBow6e4z%2BiYh638wXW%2B%2ByD7GV69Ym4vEPLW7wH6S4Ggxi%2FSdcEYRPYkYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246ebea33a04-YYZ

GET
H2 200 gothamknights_cw.png
files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/b311af92-3e5f-4edf-a1a9-a1763b255ac4/ 9 KB
9 KB 94ms
52ms Image
image/png 104.26.4.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/36b1ff01-1808-49f3-8a1a-0d377e72e86d/b311af92-3e5f-4edf-a1a9-a1763b255ac4/gothamknights_cw.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99d220c673659a5056c179de166d6f3ec9348f12cb22a977bb3410e8184f3dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000015fa4af8-0065698029-41e2cfd5-nyc3a
age: 570271
cf-polished: origSize=15257, status=vary_header_present
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 8955
cf-bgj: imgq:100,h2pri
last-modified: Thu, 06 Apr 2023 22:50:35 GMT
server: cloudflare
etag: "16e23ab29f9b949261100d434e75ed75"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkjdYJpfFM%2FoM5hUdSNa9SPx6ajyI4WMy3uMA2bJsT83ArRpPSJUUTsvpgepO85A%2B3C0Z2OPXAOQfPKgOf%2Bq7eAkyvNrU8waapjSU%2B7588y9K1VnALgg547Yj5YdbYx5PrC26TL7Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control: max-age=604800
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8442246ebea83a04-YYZ

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 5DD6 923 KB
265 KB 48ms
48ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
x-amz-version-id: PAflfXOdiQDrMRVYun69YoketTkl1xNU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPBW7W4HNMQNRZQ
age: 3283821
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: wfPEdY9k/zcvsIza71zRAfGSA06ccGjnyFntR/pEQA5wKZJx4KMSIhZ1mIOYvRkIKiOLJAwMzi4=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"6f8511a72c96db8b22e6373718b842ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6E8MRWXR%2BBdj%2FBJM99DOOqUlmsD9Fv1T8f1D8KJiPbDDwIuEQHiGjad2vf2D27bXRAoBT%2FaCfNUjbDnnYj6CRWhpwxkvuVDsfQdpy41Q1G0WfJtMkVpcN9fkQ5BLUXlBjKPulE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8442246e8d783a03-YYZ
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/ 216 KB
67 KB 38ms
36ms Script
text/javascript 142.251.163.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f93.1e100.net

Software

sffe /

Resource Hash

ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68600
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 02:14:39 GMT

GET
H3 200 958.latest.en.0b24d25af4b199f69e10.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
9 KB 58ms
57ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/958.latest.en.0b24d25af4b199f69e10.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 27010
content-encoding: br
server-timing: imagery;dur=24.101, imageryFetch;dur=23.054, cfRequestDuration;dur=30.999899
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c3fe4fd8-a66b-4631-9170-ec3f781f9aa9
last-modified: Thu, 11 Jan 2024 19:27:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnU0u0u1to5xp64xajNez4xgPi8%2F6H4pcvtURd%2BKhYyiqPEHTbaNoyGcVu%2B7a%2BtvICo3pb%2BsmuCAOlRlYfJRgkMQEKaykIPrusclkHPMKj6y7VMsIc01I6Nw6GSObGmCbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/958.latest.en.0b24d25af4b199f69e10.js>; rel="canonical"
cf-ray: 8442246ecdee36c8-YYZ

GET
H2

200

desktop Show response
sdk.postscript.io/ Frame 4624
Redirect Chain

https://sdk.postscript.io/desktop.html?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%...
https://sdk.postscript.io/desktop?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpop...

1 KB
946 B

85ms
84ms

Document
text/html

104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.postscript.io/desktop?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer

Requested by

Host: sdk.postscript.io
URL: https://sdk.postscript.io/sdk.bundle.js?shopId=7832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed455c446a7d5dce7d54021f47950e3572c696b6c5e822d8ee8facf0a5a3e91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shop.hak5.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8442246f58a436af-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 12 Jan 2024 02:59:14 GMT
etag: W/"fd6542d2e95d43313ae83bc450567dd1"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BOVS1EnJpciqdjeCz%2FN4i0REh3g%2BbWbmTkIB6a5AzVTFw5nJv%2B9%2Bu0xrcubl0qBiykr6dJ%2BEyvVZdkzz4kzfXEwCI1Dd9Dc8t1Hi1kPmcII7%2FdlXPbBuWTYU%2FKhbjv%2ByY4e5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8442246eff9e36af-YYZ
content-length: 0
date: Fri, 12 Jan 2024 02:59:14 GMT
location: /desktop?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auBIjgf2slB5x2VTvxmqtyF%2FyfvTGT3W9pZUlWS3zNRTSPuBZWrO3SDY08Tv8ezIBn2JvoCZUtbRLKDLszx52vEXzBHXQ4XKsm%2BGhdeW%2BKLJbRUvCNDrsZCl6Z1pABdJfM0V6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 7832 Show response
api.postscript.io/public/klaviyo_form_status/ 38 B
511 B 108ms
108ms Fetch
application/json 18.67.17.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.postscript.io/public/klaviyo_form_status/7832
Requested by: Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.17.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-17-24.yto50.r.cloudfront.net
Software: /
Resource Hash: 8d1e46fd7b01df3683bb063d0825e109a359e3bdd57fd5b804f3ae6fd978544e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-encoding: gzip
via: 1.1 4ddb3602395856d6beaf04efda8919b2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 38
x-amz-cf-pop: YTO50-P1
x-amzn-requestid: 47424bbc-4732-4fde-b068-13f18b1cc6bd
x-amzn-trace-id: Root=1-65a0ab02-548d8f0f1e041c9b24c62d67
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300
access-control-allow-credentials: true
x-amz-apigw-id: RZ-obGepIAMEJUQ=
content-length: 56
x-amz-cf-id: 5Hfr2SBiY9keCg6LeRMo-spRVdA1W3Qgmd_M7dSSDNv0KUSabb_xgw==

GET
H3 200 jquery-1.11.0.min.js Show response
cdn.shopify.com/s/files/1/1335/5701/t/12/assets/ Frame 1ECF 89 KB
63 KB 38ms
37ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1335/5701/t/12/assets/jquery-1.11.0.min.js?v=76199200980675605031652732738

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

9608a8479c39236d912f0d6c94dc02a41f493d5ece2df9b47dcb4cfdf9eca1f2

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://social-login.oxiapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 10803
content-encoding: br
server-timing: imagery;dur=93.459, imageryFetch;dur=44.684, cfRequestDuration;dur=19.000053
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 15bb5258-29d1-41a7-9fef-d62302fdcc2b
last-modified: Thu, 11 Jan 2024 23:59:00 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho8w7nr2Ts753FFwCiUogfRUhCDQvgZbGz5TkqPrwRwsudwtRWAPckaDde%2BEwcdieQffZyzFqs1Rw9cu5gWXWuzTAT7puRanftfec3NYXKhWtcwDuEIHgTJR2Ojqj5VhIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1335/5701/t/12/assets/jquery-1.11.0.min.js>; rel="canonical"
cf-ray: 8442246f0a5c39e9-YYZ

GET
H3 200 jquery-1.11.0.min.js Show response
cdn.shopify.com/s/files/1/1335/5701/t/12/assets/ Frame 56F3 89 KB
63 KB 32ms
31ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1335/5701/t/12/assets/jquery-1.11.0.min.js?v=76199200980675605031652732738

Requested by

Host: social-login.oxiapps.com
URL: https://social-login.oxiapps.com/widget?site=hakshop.myshopify.com&vt=928352&parenturl=https://shop.hak5.org/blogs/payloads/everything-password-stealer

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

9608a8479c39236d912f0d6c94dc02a41f493d5ece2df9b47dcb4cfdf9eca1f2

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://social-login.oxiapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 10803
content-encoding: br
server-timing: imagery;dur=93.459, imageryFetch;dur=44.684, cfRequestDuration;dur=11.999846
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 15bb5258-29d1-41a7-9fef-d62302fdcc2b
last-modified: Thu, 11 Jan 2024 23:59:00 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3n3jFpmlKFMNAKk4NdliyOCZI1YysygneTFOe24I76e8%2FYWM6gOi7w1SGv9HgR95VCZr17RJ4iCGMYsIJvZ7lYI2NdCcilzJyJtZsXQ87UUyu%2FGNPA9Ry0W%2FlleOi7Gv%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1335/5701/t/12/assets/jquery-1.11.0.min.js>; rel="canonical"
cf-ray: 8442246f1a8039e9-YYZ

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame EF65 41 KB
26 KB 62ms
62ms Document
text/html 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcCR2cUAAAAANS1Gpq_mDIJ2pQuJphsSQaUEuc9&co=aHR0cHM6Ly9zaG9wLmhhazUub3JnOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=vsmu2hrycikx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

GSE /

Resource Hash

a79073153d828f01952f6ec8b1174cd3609a1ba485ef562b9c8678c0632bcb56

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--rgopObUQWs9uczFwQZrEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--rgopObUQWs9uczFwQZrEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 02:59:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 844.latest.en.7fcd45ae446a9a5574e8.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
1 KB 31ms
30ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/844.latest.en.7fcd45ae446a9a5574e8.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 26256
content-encoding: br
server-timing: imagery;dur=24.895, imageryFetch;dur=24.311, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6254464d-1a6c-450f-9deb-9a0f729ebfcc
last-modified: Thu, 11 Jan 2024 19:32:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNI8veFo9eMpVU%2FZXU%2BrzIYOmwCEWRCo9NeSm8gb0iWA6f30hOqjvseERHTa91BPY7wM213LtUrKNgA05Ycmilx9uVa%2BTqzipVdDnN5GuYusPxyEd4KdQreo7cuPrI97SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/844.latest.en.7fcd45ae446a9a5574e8.js>; rel="canonical"
cf-ray: 8442246fbffb36c8-YYZ

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 5DD6 25 KB
6 KB 49ms
49ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
x-amz-version-id: Xo1h7j84vGmG9Gk_pCcj7jCQD2BwGUUO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPFGS4SBCJ216KA
age: 3283821
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KPhHQZ5iIGydSOF/FRCx8eCn3ImV7hM3qo3KWavgH4MUbCLy67WRA+HVKMqLOfRNXjGgWGdXoIE=
last-modified: Tue, 05 Dec 2023 00:24:12 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQWgBefXdIFRyP%2Fx66i6iQComFuPq2ObKEsv4Mpz069Jxr%2FMSUgKyz%2FvsEzasEwhwTd1HAU9tBTUqukSxmeOpB3crIlQrGXFzPFbJdrwu44ZJt6PNf24Fy%2Fm9dNOOKeBTp4maTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8442247079323a03-YYZ
expires: Wed, 04 Dec 2024 00:24:11 GMT

GET
H2 200 config Show response
hakshop.zendesk.com/embeddable/ Frame 5DD6 90 B
972 B 131ms
74ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hakshop.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bbe516c449e2ce76974678f245931b1448fbd612fd85fabb16968c8974a12bc

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-8475f9dfdc-m22pr
x-cached: MISS
x-request-id: 84422470c81636fd-YYZ
x-runtime: 0.002342
last-modified: Fri, 12 Jan 2024 02:53:18 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICkQOh4RXgSc2CIbnUo05nWrYQC9s9H8OQDzt%2F3Lftwr7HLx0OKIYDH5R8MPG1J8CIt40Puu3igD%2FooAT6qt4qUjGQRW4F0s15%2FdUEcuZr1zHbVCNblQV6trUkB%2FcyjfaPE4L9o%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 84422470c81636fd-YYZ

GET
H2 200 css
fonts.googleapis.com/ Frame 4624 5 KB
762 B 47ms
45ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700

Requested by

Host: sdk.postscript.io
URL: https://sdk.postscript.io/desktop?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

7654274cd06f347d0d6bf4dff07eb8216759e1e2d4d8af6f9ff8b08fd88bc333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.postscript.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 02:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 01:29:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 02:59:14 GMT

GET
H3 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 4624 30 KB
7 KB 69ms
29ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.postscript.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 848733
cdn-cachedat: 11/18/2022 06:18:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b3a57c6aca414a3b87fe0638b631146d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84422470bbe7a234-YYZ
cdn-requestpullsuccess: True

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame EF65 55 KB
24 KB 111ms
38ms Stylesheet
text/css 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcCR2cUAAAAANS1Gpq_mDIJ2pQuJphsSQaUEuc9&co=aHR0cHM6Ly9zaG9wLmhhazUub3JnOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=vsmu2hrycikx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 22:18:19 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame EF65 503 KB
201 KB 108ms
36ms Script
text/javascript 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 22:18:18 GMT

GET
H3 200 OnePage.latest.en.6bf8bf7f7518275deeba.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
242 KB 63ms
63ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.6bf8bf7f7518275deeba.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 11658
content-encoding: br
server-timing: imagery;dur=26.532, imageryFetch;dur=26.300, cfRequestDuration;dur=26.000023
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0e5fc350-4f5a-4cc2-8b0f-5a1da2e5fe56
last-modified: Thu, 11 Jan 2024 23:39:32 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBbIDJRnjwPanedExTWcChSnobw2QXloGS8T%2FvrZ36KjEWvcv4Sp9h%2BQExzDyV8Y228EGB6BK8k4E1PxzQNwShrdDwmFFQPTwJNet5ZSM1rn1lePIahQZsHfOy1tfjaMiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.6bf8bf7f7518275deeba.js>; rel="canonical"
cf-ray: 844224712aeb36c8-YYZ

GET
H2 200 rp-logo-icon.svg
assets-app.richpanel.com/ 2 KB
1 KB 143ms
45ms Image
image/svg+xml 13.226.139.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-app.richpanel.com/rp-logo-icon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.139.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-139-27.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eea2cec609fee0a43e0580c4dcb74f898fd1da52b087cd473039c1307b841c90

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://shop.hak5.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 07:04:47 GMT
content-encoding: gzip
via: 1.1 71c905b4598d7bc2693cb47f711520b0.cloudfront.net (CloudFront)
last-modified: Sat, 29 Oct 2022 04:45:47 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-C2
age: 8106868
etag: W/"7330087230692e23be1c6e1b9a54f5c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: S7H-6sFfPI3rfHkWhorg26jWdjoIUKA3dCDqiNe-tYkgCwlmOCxezQ==

OPTIONS
H2 200 start
tracking.refersion.com/ Frame 0
0 146ms
105ms Preflight
application/json 104.18.33.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://shop.hak5.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 844224719e5d7116-YYZ
content-length: 0
content-type: application/json
date: Fri, 12 Jan 2024 02:59:14 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 70fd8dd903406754b301439f9111e256.cloudfront.net (CloudFront)
x-amz-apigw-id: RZ-ofF33oAMEYbA=
x-amz-cf-id: rriZ-wbIaz51nBnrDGf6Ew2bTrMifSxGt7c1LMdRCdME2HHpT5xdfw==
x-amz-cf-pop: YTO50-P2
x-amzn-requestid: 93447ea9-47b3-4b4e-a7fd-f6dd2976045d
x-cache: Miss from cloudfront

POST
H2 200 start Show response
tracking.refersion.com/ 225 B
620 B 183ms
182ms XHR
application/json 104.18.33.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/start

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b443da45acfe8100305e7c7171654f4bf5e474e3443024bc809351a6690908

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
Key: pub_355091c9c4a36690e083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
via: 1.1 e6bfe249d47d39a52673337cf444c9ce.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: YTO50-P2
x-amzn-requestid: 6013d9d4-06e4-4b2c-bf3a-5b1e10c3a69f
x-cache: Miss from cloudfront
x-amz-apigw-id: RZ-ogHWHoAMEFLw=
server: cloudflare
x-amzn-trace-id: Root=1-65a0ab02-427bb7c71bb3b9062e743ecf;Sampled=0;lineage=473d8242:0
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 844224724fae7116-YYZ
access-control-allow-headers: Refersion-Public-Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-cf-id: 8-vLSzSFghTC1cxVLC2tctewawgXqU6sFeIfMihhTJz-c5v3yxFsXw==

GET
H3 200 cart.json Show response
shop.hak5.org/ 283 B
1 KB 95ms
95ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cart.json

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

429c73ddab5e012bbf63cedd9cdfc49eaa84c14998c7ca4b844781bd2ce74994

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-central1,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=18;desc="gc:1", db;dur=6, asn;desc="212238", edge;desc="YUL", country;desc="CA", servedBy;desc="lmrm", requestID;desc="d4e52bcf-afdf-4c9a-93e6-412da1d1c3a9", cfRequestDuration;dur=69.000006
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: d4e52bcf-afdf-4c9a-93e6-412da1d1c3a9
x-shardid: 112
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 682142
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
content-language: en
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ID5F3oZfV2PaF7LXEPeircbHAmmar%2Ba8brL7S9bed1%2Fp%2BuWWFPA0BzVehhqMM07GTLW9Rn06xe%2B%2BpVB%2B1RGU9cLEb9CseJh6vr23R8aOpGHAefStffHwYQlmNrIHm2s%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 84422471ac317133-YUL
x-sorting-hat-podid: 112
x-cartjs-updatedat: 0

GET
H2 200 desktop.css
sdk.postscript.io/ Frame 4624 36 KB
6 KB 87ms
84ms Stylesheet
text/css 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.postscript.io/desktop.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96efaf91fd8dbc410e7b07d8f0b73da5b9258db7d3cbe5b2e79eff22c7c5dd5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.postscript.io/desktop?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"9f0d40476f37ce83afc7cb13c3de5748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxFKvO03rD8nCpc%2BWH4wBxn2poBvqj83vZkPe9LqbyHkVAxr4AWFC5p5mDFsHpCGvBLfYp8dOJv7w4LWyDkW3Xwj%2FJ89xgV%2B0Dzfq9VTwrD598KiaBjmgDcSpmcqrP59nVIj2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 84422471bc6536af-YYZ

GET
H2 200 desktop.bundle.js Show response
sdk.postscript.io/ Frame 4624 237 KB
70 KB 102ms
100ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.postscript.io/desktop.bundle.js?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e335f0e012771da5fe879d585390cbed55c4086c4c812675aa574acf4093c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.postscript.io/desktop?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"ef14e58c3de6d27d9302dfd8b253dad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AHzmtguVTvK8LTebLuO8az5okO4MkyYgvhxroBkDLHFh%2Fg72qoY2LB9zI%2BlYEqzHD1Aq8U%2Fy1E1jDHcVTZJAkHJmOYRpl9ZzAybEBAnQDoszSq%2BodzB87X2B2TluSwwTuzGIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 84422471bc6736af-YYZ

GET
H3 200 431.latest.en.18eecd205dabb9c44d0a.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
24 KB 35ms
35ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/431.latest.en.18eecd205dabb9c44d0a.css

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 21337
content-encoding: br
server-timing: imagery;dur=337.101, imageryFetch;dur=27.302, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6ead0c42-749a-46bd-b1fd-e429252ea957
last-modified: Thu, 11 Jan 2024 20:56:46 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pinrq%2Ft6nm%2Fq9drcvG%2BQm4NzBA1laCoNMbv%2BAyEh4eNgMMaIPxHITjG2IRaR76yrJzLZUA%2Fc9tdiY427%2BFMRGqik1UCc7zaFwu7kYeWZF0P52gnp%2FIUfJkQl6s9XW7S3mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/431.latest.en.18eecd205dabb9c44d0a.css>; rel="canonical"
cf-ray: 84422471bbf636c8-YYZ

GET
H3 200 kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js Show response
www.google.com/js/bg/ Frame EF65 17 KB
7 KB 36ms
36ms Script
text/javascript 172.253.122.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f99.1e100.net

Software

sffe /

Resource Hash

927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 11:47:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6851
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 11:47:29 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EF65 2 KB
2 KB 37ms
37ms Image
image/png 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:22:48 GMT
x-content-type-options: nosniff
age: 27386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 18 Jan 2024 19:22:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EF65 15 KB
15 KB 40ms
40ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:51:20 GMT
x-content-type-options: nosniff
age: 151674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 08:51:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EF65 15 KB
15 KB 36ms
36ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:05:20 GMT
x-content-type-options: nosniff
age: 150834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 09:05:20 GMT

GET
H3 200 app.latest.en.e5a7f63ca146c0549466.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
2 KB 33ms
32ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.e5a7f63ca146c0549466.css

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 542613
content-encoding: br
server-timing: imagery;dur=19.892, imageryFetch;dur=19.245, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8643fd58-b1ec-45f9-a403-8509cf95c904
last-modified: Wed, 13 Dec 2023 20:03:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5Xak%2F4pfu%2FwK1E0FTdUFQiIkLwRccVPY7sK87p3fxxFIKLq0%2Fz2HGVicDJXzoeTQqNYpNvqzylaGpKGqjcJKG75%2FeDH2LAyO1sukA3MbljJOs4uVOP6byHWICgDfLNPmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.e5a7f63ca146c0549466.css>; rel="canonical"
cf-ray: 844224722cd936c8-YYZ

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame EF65 102 B
135 B 49ms
49ms Other
text/javascript 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

GSE /

Resource Hash

55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcCR2cUAAAAANS1Gpq_mDIJ2pQuJphsSQaUEuc9&co=aHR0cHM6Ly9zaG9wLmhhazUub3JnOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=vsmu2hrycikx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 02:59:14 GMT

GET
H3 200 958.latest.en.31c500f25402b90e24ba.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
9 KB 42ms
41ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/958.latest.en.31c500f25402b90e24ba.css

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 36914
content-encoding: br
server-timing: imagery;dur=17.818, imageryFetch;dur=17.590, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2b743480-8592-456c-8dc4-8394f9d98770
last-modified: Thu, 11 Jan 2024 16:19:30 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3GfU12z2HEwnqNBISTprtw5lyS4DEVxu0oBBchoHFdjAINbH7yNwCCiehmihpU22bZb8zA4li3hY%2FfNdA2oMM9J2FmvOwFKmQdAd6HjT601W9ntN8UByiKHEsnMnuu90g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/958.latest.en.31c500f25402b90e24ba.css>; rel="canonical"
cf-ray: 844224729dce36c8-YYZ

POST
H2 200 / Show response
o142330.ingest.sentry.io/api/4504340660355072/envelope/ Frame 4624 2 B
324 B 79ms
41ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o142330.ingest.sentry.io/api/4504340660355072/envelope/?sentry_key=1f67009d53b34b6e9118ddf500f45208&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.59.2

Requested by

Host: sdk.postscript.io
URL: https://sdk.postscript.io/desktop.bundle.js?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://sdk.postscript.io/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 desktop Show response
api.postscript.io/v2/public/popups/7832/ Frame 4624 14 B
578 B 95ms
94ms Fetch
application/json 18.67.17.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.postscript.io/v2/public/popups/7832/desktop
Requested by: Host: sdk.postscript.io
URL: https://sdk.postscript.io/desktop.bundle.js?shopId=7832&shopShop=hakshop&sessionId=V5cdaAbGPZrzriXXTuXD5&status=&splitTests=&flags=log_headless_shops%2Cpopup_auto_apply_coupon%2Cpopup_auto_apply_fondue%2Cpopup_new_compliance_text&disclaimer=%7B%22privacy_policy%22%3A%7B%22text%22%3A%22Privacy+Policy%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fprivacy-policy%22%7D%2C%22terms_of_service%22%3A%7B%22text%22%3A%22Terms+of+Service%22%2C%22url%22%3A%22https%3A%2F%2Fhakshop.myshopify.com%2Fpolicies%2Fterms-of-service%22%7D%2C%22text%22%3A%22*By+providing+your+phone+number%2C+you+agree+to+receive+recurring+automated+marketing+text+messages+%28e.g.+cart+reminders%29+from+this+shop+and+third+parties+acting+on+its+behalf.+Consent+is+not+a+condition+to+obtain+goods+or+services.+Msg+%26+data+rates+may+apply.+Msg+frequency+varies.+Reply+HELP+for+help+and+STOP+to+cancel.+You+also+agree+to+the+%7Bterms_of_service%7D+and+%7Bprivacy_policy%7D.%22%7D&origin=https%3A%2F%2Fshop.hak5.org%2Fblogs%2Fpayloads%2Feverything-password-stealer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.17.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-17-24.yto50.r.cloudfront.net
Software: /
Resource Hash: b7117a080528d880ed147b32f3020b55bea7bd3672b225494bc5387b0a16fee9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.postscript.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
content-encoding: gzip
via: 1.1 4ddb3602395856d6beaf04efda8919b2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 14
x-amzn-remapped-server: gunicorn/20.0.4
x-amz-cf-pop: YTO50-P1
x-amzn-requestid: 148ce8ba-dab3-4ddc-943a-ac955f95f051
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: RZ-ohH6koAMESZw=
content-length: 34
vary: Origin
content-type: application/json
access-control-allow-origin: https://sdk.postscript.io
cache-control: public, max-age=300
access-control-allow-credentials: true
x-amzn-remapped-date: Fri, 12 Jan 2024 02:59:15 GMT
x-amz-cf-id: 6XuN_fr1uMFpchrRMW7HFTk87p7sDkLt4qEea9LaCSZFY8noZcTpiQ==

GET
H3 200 74.latest.en.3120ae2cf08678c4e2e9.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
8 KB 37ms
36ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/74.latest.en.3120ae2cf08678c4e2e9.css

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 15969
content-encoding: br
server-timing: imagery;dur=17.627, imageryFetch;dur=15.888, cfRequestDuration;dur=15.999794
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e5881884-909b-4428-9e89-092f20d4073b
last-modified: Thu, 11 Jan 2024 22:23:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvO3GenwaABfr%2ByiFZlmwpk4uyQaS1wAAW%2BV8kZBOjz2p6zvr8Myf%2BSbEhkZ8C%2F4cULP78KhxEXiPNjhkG26vYWQvJuefnwf9MMrvbuwA0X0%2F8Z0tnNIqXj4Bxf%2ByvLtIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/74.latest.en.3120ae2cf08678c4e2e9.css>; rel="canonical"
cf-ray: 84422472ee8b36c8-YYZ

GET
H3 200 hak5_logo_180_f0dcd9e0-e46c-4602-8664-20af10fe2e2e_x320.png
cdn.shopify.com/s/files/1/0068/2142/files/ 0
6 KB 42ms
41ms Other
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0068/2142/files/hak5_logo_180_f0dcd9e0-e46c-4602-8664-20af10fe2e2e_x320.png?v=1614333643

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/checkouts/internal/preloads.js?permanent-domain=hakshop.myshopify.com&locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.hak5.org/
Origin: https://shop.hak5.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 3862092
source-type: image/png
server-timing: imagery;dur=50.929, imageryFetch;dur=42.051, imageryProcess;dur=8.243;desc="image", cfRequestDuration;dur=22.000074
source-length: 6905
content-length: 5468
x-xss-protection: 1; mode=block
x-request-id: cefe7918-af8c-4b65-b165-577315ef426c
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 07:38:02 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERDPb20mPwZTYrFVifVepH8Z7Jqv6wpP6RpHE3V5Oq%2FL5yjafU8O6mmg69JZ6pEh3FnxfE1xWz0q4oxAscUWGdnn86XatLOYGBfPXl6GDjgM2TwKcp5uJ8ELAJNGN6uSbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0068/2142/files/hak5_logo_180_f0dcd9e0-e46c-4602-8664-20af10fe2e2e_x320.png>; rel="canonical"
cf-ray: 844224732f3036c8-YYZ

POST
H3 200 update.js Show response
shop.hak5.org/cart/ 332 B
2 KB 193ms
193ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cart/update.js

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

31b65f8f432ab41daff2790dc0c2689a5f546ca5a3a74cb09adb960d1d495069

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=055844ec-0147-40ef-9219-756e0c7592d2
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=055844ec-0147-40ef-9219-756e0c7592d2

Request headers

Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=055844ec-0147-40ef-9219-756e0c7592d2
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-envoy-upstream-service-time: 85
server-timing: processing;dur=83, cfRequestDuration;dur=167.000055
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=055844ec-0147-40ef-9219-756e0c7592d2
x-sorting-hat-shopid: 682142
x-request-id: 055844ec-0147-40ef-9219-756e0c7592d2
x-shardid: 112
x-shopify-stage: production
server: cloudflare
x-shopid: 682142
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
content-language: en-US
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGDtfE0itaqsLto2lfe6Gt0rdmsSOwC5eV%2FBl2vPmbYUSeNyTeiW59UfZHVeFln1mQawGUxR7MmoC9uh5V%2FoPMkie597x9LKChWbFqEP57NLoJ3QcwYMaBGBJhP7Xpg%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 844224738edb7133-YUL
x-liquid-rendered-at: 2024-01-12T02:59:15.224101042Z
x-sorting-hat-podid: 112

OPTIONS
H2 200 page_view
tracking.refersion.com/ Frame 0
0 113ms
113ms Preflight
application/json 104.18.33.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/page_view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://shop.hak5.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 84422473aa9d7116-YYZ
content-length: 0
content-type: application/json
date: Fri, 12 Jan 2024 02:59:15 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 70fd8dd903406754b301439f9111e256.cloudfront.net (CloudFront)
x-amz-apigw-id: RZ-ojGwSoAMEGvw=
x-amz-cf-id: JHtyTBvHCSZt8MzApNtOivNaUU8hPW7hB6SQPJYyUgObRHHwUhzAhg==
x-amz-cf-pop: YTO50-P2
x-amzn-requestid: cb2f23eb-2f7c-451f-8108-d4a720d9f421
x-cache: Miss from cloudfront

POST
H2 200 page_view Show response
tracking.refersion.com/ 245 B
458 B 123ms
123ms XHR
application/json 104.18.33.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/page_view

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

218cb42a46e2092cfc25b78bfb2c1efc68c4e8ffacc00631102bbb702ca12fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
Key: pub_355091c9c4a36690e083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
via: 1.1 e6bfe249d47d39a52673337cf444c9ce.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: YTO50-P2
x-amzn-requestid: 85a536a1-37aa-4ae1-b998-7032fd21aa9c
x-cache: Miss from cloudfront
x-amz-apigw-id: RZ-ojF9kIAMEsWA=
server: cloudflare
x-amzn-trace-id: Root=1-65a0ab03-2e57e48524cc22f60106fa74;Sampled=0;lineage=ecfbf259:0
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 844224746bff7116-YYZ
access-control-allow-headers: Refersion-Public-Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-cf-id: qC1McOpU0FDOGYxDGApMj36NeesJDJde-Lx6O5E7YCEbdtBCVyUqZA==

GET
H3 200 cart.json Show response
shop.hak5.org/ 332 B
1 KB 100ms
99ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.hak5.org/cart.json

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

31b65f8f432ab41daff2790dc0c2689a5f546ca5a3a74cb09adb960d1d495069

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.hak5.org/blogs/payloads/everything-password-stealer
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-northamerica-northeast2,gcp-us-east1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=12, db;dur=4, asn;desc="212238", edge;desc="YUL", country;desc="CA", servedBy;desc="s7n4", requestID;desc="b6f7c4ce-d18e-41ad-aa94-86de6aa66b4f", cfRequestDuration;dur=72.999954
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 682142
x-request-id: b6f7c4ce-d18e-41ad-aa94-86de6aa66b4f
x-shardid: 112
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 682142
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
content-language: en-US
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wd2s59De8TeKgBhoZQrlfZrlYfyz%2BvQIo2TfxH%2FK3c3H8HbhqSb1VmRVz4gwUBXZqIyGKtdLMiHV7cX%2BEZVjBTjEUm9dwpCBUNzZpDkr5PyIsQo%2Ba9nJkdwT9fUyd70%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 84422474b9147133-YUL
x-sorting-hat-podid: 112
x-cartjs-updatedat: 1705028355

OPTIONS
H2 200 checkout
tracking.refersion.com/ Frame 0
0 96ms
96ms Preflight
application/json 104.18.33.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://shop.hak5.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 84422476a8e87116-YYZ
content-length: 0
content-type: application/json
date: Fri, 12 Jan 2024 02:59:15 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 70fd8dd903406754b301439f9111e256.cloudfront.net (CloudFront)
x-amz-apigw-id: RZ-onEncoAMEc_w=
x-amz-cf-id: g_IbdG9JX-wiNS2n-Q37_eFPAkrshtCB0xXRIZjzbkzJ7voeJ870ZA==
x-amz-cf-pop: YTO50-P2
x-amzn-requestid: b02eba89-51cc-473c-b25f-72139ec83bcc
x-cache: Miss from cloudfront

POST
H2 200 checkout Show response
tracking.refersion.com/ 248 B
449 B 129ms
129ms XHR
application/json 104.18.33.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.refersion.com/checkout

Requested by

Host: shop.hak5.org
URL: https://shop.hak5.org/cdn/wpm/bc3e06decw4db1e3a6p9888f859mdcd2346em.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f6d973e0dda9526e719addd284024b00a0b386f746899ea5a77974b0b1108c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://shop.hak5.org/
accept-language: en-CA,en;q=0.9
Key: pub_355091c9c4a36690e083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 02:59:15 GMT
via: 1.1 e6bfe249d47d39a52673337cf444c9ce.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: YTO50-P2
x-amzn-requestid: 30d0c9bc-cf53-4736-89fd-91001ff4471b
x-cache: Miss from cloudfront
x-amz-apigw-id: RZ-ooHm1oAMEICQ=
server: cloudflare
x-amzn-trace-id: Root=1-65a0ab03-1e3d59ad13f85d4562646152;Sampled=0;lineage=b4efe164:0
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 844224773a3e7116-YYZ
access-control-allow-headers: Refersion-Public-Key,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-cf-id: Ai5G36qBsDgV0Y-wZYP2GvF2eymC8u47CuaoN45vuBoCdRr1dr_-9w==

Verdicts & Comments Add Verdict or Comment

416 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
shop.hak5.org/	1970-01-20 17:37:10	Name: keep_alive Value: 0d35228f-fa6e-49a5-a1f7-a1e5e44da2de
shop.hak5.org/	1970-01-21 02:24:10	Name: secure_customer_sig Value:
shop.hak5.org/	1970-01-21 02:24:10	Name: localization Value: US
shop.hak5.org/	1970-01-20 17:57:17	Name: cart_currency Value: USD
.hak5.org/	1970-01-21 02:22:44	Name: _shopify_y Value: c7ab150c-8859-4940-b41c-5555ab5a9c44
.hak5.org/	1970-01-20 17:57:17	Name: _orig_referrer Value:
.hak5.org/	1970-01-20 17:57:17	Name: _landing_page Value: %2Fblogs%2Fpayloads%2Feverything-password-stealer
.hak5.org/	1970-01-20 17:37:10	Name: _shopify_s Value: 24c4f8c0-7f0f-44dc-911b-18b76a0c462a
.hak5.org/	1970-01-20 17:38:34	Name: _gid Value: GA1.2.829183659.1705028353
.hak5.org/	1970-01-20 17:37:08	Name: _gat Value: 1
.hak5.org/	1970-01-20 17:37:10	Name: _shopify_sa_t Value: 2024-01-12T02%3A59%3A12.581Z
.hak5.org/	1970-01-20 17:37:10	Name: _shopify_sa_p Value:
shop.hak5.org/	1970-01-20 17:37:11	Name: shopify_pay_redirect Value: pending
.hak5.org/	1970-01-20 19:46:44	Name: _gcl_au Value: 1.1.1468863781.1705028353
.hak5.org/	1970-01-20 19:46:44	Name: _fbp Value: fb.1.1705028352965.190231387
.hak5.org/	1970-01-21 03:13:08	Name: _ga_Q91E4THL33 Value: GS1.1.1705028353.1.0.1705028353.0.0.0
.hak5.org/	1970-01-21 03:13:08	Name: _ga Value: GA1.1.2059743091.1705028353
.doubleclick.net/	1970-01-20 17:37:09	Name: test_cookie Value: CheckForPermission
shop.hak5.org/	1970-01-20 17:37:08	Name: rp_customer_id Value:
shop.hak5.org/	1970-01-20 17:37:08	Name: rp_email Value:
shop.hak5.org/	1970-01-20 17:37:08	Name: rp_firstName Value:
shop.hak5.org/	1970-01-20 17:37:08	Name: rp_lastName Value:
.nofraud.com/	1970-01-20 17:37:29	Name: nf28930_customer_code Value: 218-036-979
.nofraud.com/	1970-01-21 02:24:10	Name: nf_device Value: bbef0bc9-9e97-4fd5-8998-bc6640418888
shop.hak5.org/	1969-12-31 23:59:59	Name: fsb_previous_pathname Value: /blogs/payloads/everything-password-stealer
shop.hak5.org/	1969-12-31 23:59:59	Name: epb_previous_pathname Value: /blogs/payloads/everything-password-stealer
.criteo.com/	1970-01-21 02:58:44	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:58:44	Name: uid Value: e59f78f8-3c44-442c-852d-3f6ec06d925a
.shop.hak5.org/	1970-01-21 02:22:44	Name: _pandectes_gdpr Value: eyJjb3VudHJ5Ijp7ImNvZGUiOiJDQSIsInN0YXRlIjoiT04iLCJkZXRlY3RlZCI6MTcwNTAyODM1M30sInByZWZlcmVuY2VzIjowLCJ0aW1lc3RhbXAiOjE3MDUwMjgzNTMsInN0YXR1cyI6ImFsbG93In0=
.shop.hak5.org/	1970-01-21 03:13:08	Name: rpdid Value: c87e6221-a87d-4107-bf85-2bfdef219aa2
.shop.hak5.org/	1970-01-20 17:37:29	Name: rpsid Value: 133e6320-bef4-4112-8439-fbb67470de39
.shop.hak5.org/	1970-01-21 03:13:08	Name: rptkn Value: hak58601
.hak5.org/	1970-01-21 03:13:08	Name: __mmapiwsid Value: 018cfb9b-ff3f-76c2-838d-578b18d7dddb:e729a42f29a7f3c33eab63cc99b5334e69a1aa8f
.hak5.org/	1970-01-21 03:06:32	Name: cto_bundle Value: 0fCaK19FVUVKb1FBNWtSdzdYZGVzWmVVdU5zMVd0WnlTV2pzcktHS0RGM3RVb0VTMVUwOW9lN0hwdDBZUUpNckdYS3lnUEVkcFc2YnBQMGNRbG1wdWZZYUlPQVl1OFBqczdZWWFnN2NhSGk0eks2R1p4WDA1SXdPcUdhVm5scDlHMlNTJTJCbyUyQnNFJTJGNUJFQ3pZZG82NTlZQ2JHV3clM0QlM0Q
.hak5.org/	1970-01-20 17:38:34	Name: _cmp_a Value: %7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
social-login.oxiapps.com/	1970-01-20 17:37:15	Name: ci_session Value: 2m279j9uf7r3h114o8psbru2f841c9g6
shop.hak5.org/	1970-01-20 17:37:29	Name: lsc_item_count Value: 0
shop.hak5.org/	1969-12-31 23:59:59	Name: lsc_previous_pathname Value: /blogs/payloads/everything-password-stealer
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: yG6l3Z_eu5M
.youtube.com/	1970-01-20 21:56:20	Name: VISITOR_INFO1_LIVE Value: Eotv1OVblTw
shop.hak5.org/	1970-01-20 17:38:34	Name: _ps_session Value: V5cdaAbGPZrzriXXTuXD5
social-login.oxiapps.com/	1970-01-20 17:47:13	Name: checkout_shop Value: hakshop.myshopify.com
social-login.oxiapps.com/	1970-01-20 17:47:13	Name: oxi_referrer Value: https://shop.hak5.org/
social-login.oxiapps.com/	1970-01-20 17:47:13	Name: parenturl Value: https://shop.hak5.org/blogs/payloads/everything-password-stealer
social-login.oxiapps.com/	1970-01-20 17:47:13	Name: osl_checkout_url Value:
ws-prod.richpanel.com/	1970-01-20 17:47:13	Name: AWSALBCORS Value: SVT7ua6XXpUDmXl4Q2Plg/amFQz3cLE5TlXyRrW3sKO8WE9QuQ/UzmD/Evlio1X+A6VjTXXyR3huS2exI11Cs/8WHs+qREFNRzvbca8sPT5rSfvNBCmwYWzx1Q+i
shop.hak5.org/	1970-01-20 17:57:17	Name: cart Value: df17b2fb1f120851f42bbea48694f8ef
shop.hak5.org/	1970-01-20 17:57:17	Name: cart_ts Value: 1705028355
shop.hak5.org/	1970-01-20 17:57:17	Name: cart_sig Value: a5f2d4ebe06c1c458d5352d7e4749b50

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shop.hak5.org/set_tracking_consent.json Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://shop.hak5.org/set_tracking_consent.json Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.postscript.io
api.richpanel.com
app-easy-product-downloads.fr
app.backinstock.org
app.easyquote.pw
assets-app.richpanel.com
assets.zendesk.com
cdn.hextom.com
cdn.jsdelivr.net
cdn.refersion.com
cdn.richpanel.com
cdn.shopify.com
cdn.verifypass.com
cdnjs.cloudflare.com
connect.facebook.net
d-ipv6.mmapiws.com
d1liekpayvooaz.cloudfront.net
ekr.zdassets.com
epb.hextom.com
files.elfsight.com
files.elfsightcdn.com
fonts.googleapis.com
fonts.gstatic.com
forms.shopifyapps.com
fsb.hextom.com
gallery.cevoid.com
gdpr-mm-geolocation.herokuapp.com
googleads.g.doubleclick.net
gum.criteo.com
hakshop.zendesk.com
lsc.hextom.com
o142330.ingest.sentry.io
preorder-now.herokuapp.com
pub-355091c9c4a36690e083.tracking.refersion.com
reorder-master.hulkapps.com
sdk.postscript.io
services.nofraud.com
shop.app
shop.hak5.org
shopify-widget.route.com
shy.elfsight.com
social-login.oxiapps.com
spa.spicegems.com
spcdn.incartupsell.com
stackpath.bootstrapcdn.com
static.criteo.net
static.elfsight.com
static.zdassets.com
tracking.refersion.com
unpkg.com
vjs.zencdn.net
ws-prod.richpanel.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.merchant-center-analytics.goog
www.recaptcha.net
www.youtube.com
104.16.125.175
104.16.51.111
104.17.25.14
104.18.10.207
104.18.29.199
104.18.33.45
104.18.42.177
104.18.70.113
104.18.72.113
104.197.53.66
104.21.36.65
104.22.68.95
104.26.4.219
104.26.4.247
13.226.139.18
13.226.139.27
13.226.139.36
13.226.139.67
13.33.165.53
142.250.31.138
142.251.111.94
142.251.16.94
142.251.163.139
142.251.163.154
142.251.163.93
142.251.167.155
151.101.1.229
151.101.66.217
151.139.128.10
159.89.51.155
169.150.236.99
172.104.173.243
172.253.122.95
172.253.122.99
172.253.62.94
172.253.63.97
172.64.160.31
18.245.96.11
18.67.17.24
18.67.21.187
185.146.173.20
23.227.38.33
23.227.38.74
23.227.60.200
31.13.66.19
31.13.66.35
34.120.195.249
34.192.153.252
34.195.54.46
35.175.40.141
44.237.176.20
52.88.26.53
54.156.145.102
54.224.34.30
54.243.238.66
74.119.119.131
74.119.119.139
95.216.147.64
009912a961c667c55dec13ee2dd8865f78a337ca5ae3b1b4f6843d59d59b5046
012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966
05b161010e8fd7058b49cfc5e927ce4251a7fcad922ecf69944b634635a46b98
05f599513ba283daa5b5f6a4eaf2434bd2f11b33d335fddab0348483aa6ef71c
093ac2fbf305628d9f4fc147888a027a4152c6ebd2db652b9b84c25ae0eafa19
09c8ce1a6512d65da04c187053a1b8f845834fa58085a75db69581c06e732768
09e8f75fb3e70b4ca978186faf7d23fe113970312de50278813408f17d4cf4fc
0bccddb41823c44f0f3dedce43370c196735f9888a2562a2ca57c272fedeb5d9
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0d89fa55d6697fdc456f94357470800c8bca97fe48aab78ee67ac84f8d2ea8ce
0e6569ac12a1dd83fb0703042365e57e3c6329608bd356ce66997fbc36bb7386
0ec592637d07f43de8601aa80623f3a985e43ee2728c9a4dffe25f4bcd7c3e0a
1005b2a1a7cf2562e097c41df50b3a0ec2df0e8bb637c4a123cef6d865f14a79
102af085a7862126f2483b4a87c131e7ea3f203cab1a31e463eebb7e46fafe1a
11b443da45acfe8100305e7c7171654f4bf5e474e3443024bc809351a6690908
12a59c39da54e4716860e589c7c672e78c4e5387f100a792a93d4da87e0b03cf
130f840441a3fd863db483b22f526c4b8c1e8c4a1f6882c5741fa374dd2c18ab
1397ad083167363d53f45b76986491251b67b23c2a0e081a5afe752d56b264fb
13de291769d9d69ddc145d3e8076931d5d3ef6f194a56b5f7bad9ff1382f4052
143fac477d4af988dac93036b8993daabdf04155ec3075a19de3f19001548e1b
16332649b8f35d1d673ba4ad1d48ec7f3ed8003f0cbd65c4875ecea9a35f0e6c
16701a9c39423db1ce993af1de65278f79277783570be4d9f9b68fc929bc95b0
1856acd75bfcf49dfb2c8c032430f34e95cbe18544c55f58d126ec38087fb29b
18b677c0268f0de166ef3b002ba810aacc46fe0d818db3b0e41bf2a00654c36f
1b59921a371f365c49e7de7eb40663d363298a98aa9427f6b8622e8fc427f0e5
1b8fd5686b812d14990d041f3238908e627a60c28755f751d0465a85ea91213b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bbe516c449e2ce76974678f245931b1448fbd612fd85fabb16968c8974a12bc
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f721a76e7b7d5705065d495a4935c93c988aa14d7b834dd4d01f2565b5fe876
1fce8635ace56ca98846248e9954613b279dafe2d87bdd8028b1406de27ee67f
20d5b9348cf1331c646dcad8dfb52165a6a06685e094af5dbcfd347c3805d05e
218cb42a46e2092cfc25b78bfb2c1efc68c4e8ffacc00631102bbb702ca12fa8
2406999c0b677078de0feff848d7916ebde891a1a91da1422bb8de2c4a192456
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
2435e2a5948e6bf4c3613b5abe47db3928ffce186041fa138776011d5d7132db
2856369af033ec2c16ec07a547c9bce6914031103e34c0f5bac4d567161fe9fb
2a1eb3955f4655fdcc988c2d99804bf49367475950d079fe486c44a478772d33
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b347b7b9e4e90c76a86a9156586c30594d63a1a953672972423e6d7b115f293
2e2183880e7cdd1b8e00e78f55958c50bd71506cffd5db0e1adcffcd2637e4f0
2f6d973e0dda9526e719addd284024b00a0b386f746899ea5a77974b0b1108c2
306c5b300f5d6e8178598ff461c179a57ca46e0738e9ebff5197c80e0025a92a
31b65f8f432ab41daff2790dc0c2689a5f546ca5a3a74cb09adb960d1d495069
31eae06f6326485451a57eb0e08fd93f904deafa420c621cb949a2b94a9ea84e
32bac461943f64ec3240b68d96d3c798b30371fae2b1c5cbdd092dc032f0a274
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
3dc8423242bf24ff2c557603320b50dbc6bb45b24f5d41c5f912356a17319b12
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e27aa13441d103329a705eb4f349942bead5855f75b92a4c91572175ccddde8
4060461c3907e6aa08db06e724165af7ed8fe7a7fe049ecc1eed72a6ea72b232
40e627d744439b9fe3d856c10032a5c3494a66593f32eb0e9e84da3b956428ce
41f25a8612359264b93d122f3e10a1dd0c6cc6ba8f42e1fbde39d7d05c4c6e61
41f902f4dceaf354a347b188c6f93d85a06747aa27be4011ecf9316754a87eca
429c73ddab5e012bbf63cedd9cdfc49eaa84c14998c7ca4b844781bd2ce74994
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47affd3dca14ba921fa49af214e765bfb460343e320427effe53c2762cfe71cd
49b9466e0143c72b2d05f694c218ef05f180a6917ac29a9629c43db4cd64cb49
4a334d2153866ad7109f9d07b18565cf99c878c1820b399c7e9b1cd0df24e380
4ba9c812b3462f5111905ce5cc32cd9b3fe98731f9a02cc47141bffd502bf309
4be83638d19a8ce4cf02d462a679714258db21e0509b0dada5eae22b2c52735d
4dda8dbd144bbb4685d9506422880505f801026ed236b628d8d4f3d92272cb4a
4e98d3738caaaec5edbc05e8a6eea36d3c8fc11919dfae035a1356495defd55f
500947e3a8cc9d5229b0738282bd1106965e05e9998245d7765f2173d77c6350
5206cae25b6bb93dab90f3cf445b8b46b99330480b15ebe7d7a80a94bf8ca787
52f41b713f4fe41f4f44ab08f40a9118cdbdca4d0a89852016e085998bc466cb
52f4f0c859599e872a165cc125008762fd4e6bc03fb26adfafa6919debaf5b3e
5306c3ac7268cbc4422431d0d1ec1775d43d80a2d1cff38015962fc25e090734
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
540039b18a51e4ea1dc906b958f5af212d13fa30cd4fd2b8c76f9f5d61b7b69a
5441a44bdac1bf1ffb404ab79d680f3cf01452821d2346a67df04b6fde132c85
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
56a4dfebd02002f5af26557905c56e7b0a2e7b24937cb5b4cc8c30012ed26537
588794e29465c271a0ad76362f89ce1a8c3706e71fa8f906257377dc3bc27270
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b68208c4636faea00d93ea7ae55d5a127f4c16b9ad58ee90309bde4db0c89c9
5c0c22eafb3581f8331e13159b32b1c12dd586827afb435e2fe23d15e03c13c9
5ead814b213a977667a2d801ed60313d28ad913178384faf945b4b9859a6cccc
6555c9df5b1656f9dc3dc70ff21a8becc0d2cb34d5b051541726ee62dcf871c3
66b76a09eaeeeae1266ba2f0d9a851fce89d3fa70459d3c0e76523a3019b2658
689d6a2049d211c9d87edf8398c44685443eab718c3fb6e6c18898ba4f8103e6
6a205a8e69f520c236023de4b5fd035a389249d81935acf5888114c9398fbca5
6a5c69531fab94945fc1e024d59f92012bfbe76d7ce1039416038459229517c3
6b9ec7b3b09323805016086ad9b9518d86f95bc2cf5076956367c2050078262b
6df208545c891a217683b04e0569b7020f7d080d34fde13c601d54b0deb87672
7050e9acf5db39db2e319314bb3faa8bf01390ad10711c26322d6ca14cb00cc1
70b01118babfb2538a2b49b39ac5811718dea6d07c021d6eb11c27fbb58910ce
718d830919f470b8cf7ec3ee7da781a8a750cd988e64f72690fc67d0076e5fdd
7571376bf98e89037bb1158983f35eeab3f4f449cb970a6809d7100230004afe
7654274cd06f347d0d6bf4dff07eb8216759e1e2d4d8af6f9ff8b08fd88bc333
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ab93d457dac9b83f821f860b709a937cc8bdb0e236b84375dffc42b58fefc33
7becfb9e0a5ccbdcd505ea0205f20d569291586611dbdafb1d8ec4a302009a73
7dcaeeb68e985951a2c4333393623a6f8aa09a2342175baeb5961649d15e826b
7eec795a7a126d55ce5686384417ee9878662741f926aa16a131335feac8c0f5
7ffa2062443a660004883826c3e2f79fa3a949996ebbdb3619b3683506249429
80bddb0bfba93bcb88131a0c18649b1152eadb4a24761b96c9e9143eaf876649
80eb9b628ad554a45cdbcadda2462afbe5bc76c4615de58d2d5150fbd83c0627
80f5f45af20480963e8905994ca649b22ce2c9367d00599820d5d963cfd23d7f
8155902af9a889918c8ac7d7f3cf145463b47beeee92ad60766099700b7f9566
8392c164a15fac019d3b838a75990d9902e70850732de7bdb964f87bac635039
85e59040e34e7aa6a14fb04f5da00044d5444210ef4723f567dc9d72036c4cf1
85ea9da0a74f01fd6b4d7949be984a901049af62bf5d84208310f506dd3fab79
874a9e785f423ddbb4705b3b6e7b4bf61ec70b66f84c045a64103ea8eb688006
87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e
87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2
88b2bee2a31cadca5cdf0d64a403ace4064209a9ae3a1289e22eddac9d485b0f
89a7ce51a53cc9b3e867ed81384ab87efc3f506e3796f7453d8426a2338df862
8d1e46fd7b01df3683bb063d0825e109a359e3bdd57fd5b804f3ae6fd978544e
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
908efc7e1dbea8cfb7cba831698fffb3146b5d9aecb6597991ea1de938547cf0
914ac23ff1471d9baed5887c094304ae1940c7cc65233c4f6b842bf4093ad83c
91d595b324f60e3ab4a03540f3459b043568bc15329809694d2cc7d0aaaa270a
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
92ce55c1106ce4a03d89bdb64673211c03047f5066939f843ce23629dfcf5c49
9471209acb1fa53c10480ba192b56b2729a3ba5cfe0c78934c7cc3bc404b09e9
9487cc44b6b12f122d1b85752ed59a1a77cb9863d9a4f6132819f56a74623eb6
9608a8479c39236d912f0d6c94dc02a41f493d5ece2df9b47dcb4cfdf9eca1f2
96efaf91fd8dbc410e7b07d8f0b73da5b9258db7d3cbe5b2e79eff22c7c5dd5c
9848a862690624c479018d527e3dc2ce851aed35b76ce7780ebab860aa229887
98a0bfe704eb841d5f559187c5ab18091d9501eefa62b5bd3a3effb86c97bde3
98a40cf80aa5bfade5c0dc85598b1764f38307c556763460075beaf7933991af
9984478a14a7922d107383cf71af4f791ae3381700fc64890b6c654c7c36ee70
99d220c673659a5056c179de166d6f3ec9348f12cb22a977bb3410e8184f3dab
9b43d97dfc62108ca01bffeb8601e812ef9fa6c2355ff53af29d66903ed8bd95
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a0bb8cec018f9f3fb84eea9cf2559b224ed8b9dfba4e61e290af509500174962
a0cc3360f9c8d2084b936b7f8c6bb5612224363ec8a29f5b8519581eef66992c
a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f
a3508401efd4064845247dee5743249ceeeebfff8d5a432421e125a098d6a6ef
a3b2f55418af0617a9f14763bd6dfbed7c91e0025f88cce5d8116bdc7d2331bc
a3f06ab6cec04a6290ab7282fa2b74f48cd73ff12e19c7dd5ee31b06be696f0f
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a68d5cdbe7e2978bfad30044a9521c7bed561cd62a300ac1fdc6d37c5d02efa5
a6f1fa128cb57c47533f60f453d1857045b9396c08d582c8f69e269c98960abe
a79073153d828f01952f6ec8b1174cd3609a1ba485ef562b9c8678c0632bcb56
a79d839fe23ee07176a02010decc3ea2933dddab3f557178073b261ff73cad75
a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b
a9c1185153225c0ffec5c9d8ae4ac9a29301fba1a076f687dc6d0a4180fe98d8
aaec09685752653623387dcdfce01b83d3a13ee117a65c93a6a361f779f92af0
aca1710e3cb0a30c4fda4b9d7e9cf113ee1d9ff00924c2fbfa0dd4c8560a33dc
ae494b7e7408640a9a96d20b5d3f7910b7459b075663e846884717e3697a2fc2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b178402ad931d0bcafc6d3b7e372ad0d50f93638d01811f5ea0ac872e9fe038d
b42e5c574240c0ad0e7586afcf6082367079ee8a684ac011c243cdf8e499f2c6
b7117a080528d880ed147b32f3020b55bea7bd3672b225494bc5387b0a16fee9
b7ecbe61323632d6c588f67cae30cc1ea52b8d4ad2e07072dea97bf0511d96d2
b9eb56ce091a3f4cf51cb3fe426b8e39c053f93a3a2fcc31ce45e02866a05d7a
bcf8e8f0440e63eee4fe82016ae5e57d444348c91787607e66fb74e530c8f6d5
bd3a2ff5820c53c4fba21ec7beb8c3b752875693f720ba4a2e70a35b9d75dbdd
bf057330d70c2ce7a54fbe7e34e4e4ca41360b1819e013a5d632ada8b5ecaf7b
bf8228700ceab203fba24c97e18efa5fdb37cbdbb0d258164f47e760ab36b6bd
c00c776b159331c76424762d7617528fabd93877a583e5f647c23ce9270b392e
c0a8f2cd747b6b9cd15d4007388817291906a6b8b1c70b2bc39a64e603809b77
c6a12e9414c4cc585afff0217ef83507945ee97e3f0fa82c721b677220e7cecd
c6db6f9ad903738eb506d549986c6a0298335ce1501ee3eb7989f078b64d60f9
c6e335f0e012771da5fe879d585390cbed55c4086c4c812675aa574acf4093c2
c72c10aa2e734d61df9ea2c6964b2079b682aaa336535edd433be3c31f697fb2
c77537c7649df07eccbc2603ca522210b3224150a6c394f32d6524cc2c8f0ee2
c7da790b85b438239398e46c9872bf2771a48a8d30885286425e13dec3946133
c8c0144f6e39306664e3aea1dd0b3d408509a3a5f325e8da39d2562939e0b355
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261
cc8ec4e2d996580dd6d9f2dfab041cea113564c8da23d58096b91ee824dc2bb6
cd8d09414809c893b7ccad8bce787e1db4e0723af8d698acd863d3fb21da27e9
ceb2c756a101dce483659e2e6113db2ea54dcc03f23b0cd65a2b42771b88c2c1
d0fd7bffaca003cb967455fa9c2d5e843229d8487b6469a3795b151dcd7980bc
d42b89df784e016a1e0dd30dc66cbe04779f3653c0c368d63b9d319cf3c3a96e
d48e730d486442e62bffc6a3f974a1dc471aed6aabb79a34319fa4ef749d12e3
d98c02bd9e50038d4e94da8a19dd34c9f6443cc310303019eec3a5c8653c8761
d99c2255adeee99ea5a9adf362395a14d93e338e986e689c397bed40fc60af2e
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
dbbce402cc579aba25a590e02ae57514748ef3d507e42a2c06477f3a17709a4b
dd660ad7d1e9aad58ed4fdf5cf4ea5f200d9504228b01b23051b6dd46d0b79dc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5547ed44548a7f30bdc2326fee65cfb3f7a46b70baeb83c26e67ad9f7a484cc
e7d87832231c0254188f01e9288d261c56e6050e723ed8aebe1d9b4f58cb26a8
ea3047073a0abda4820245d94680ef195b03d1ac3a10a9b01e4f5d86c69168eb
ea8a69c92e2670bff1a195017265468009ea7e9e94d13da25ae455aeab8801b5
ec2d6f1ef9c45c5c3aa64cc9a62cac76488a875c31e58e465fb669709f8587ee
ed455c446a7d5dce7d54021f47950e3572c696b6c5e822d8ee8facf0a5a3e91e
eea2cec609fee0a43e0580c4dcb74f898fd1da52b087cd473039c1307b841c90
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5695392329615991aef82ee880b52c17e6dd36d875c34000975d796a602815
f392191c7cd93ef056e67a3b9255ec5a854f41b4caa87ec1b9161e6d1aa3fadb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f710e1a521921f92161463df00a271d851fe3f0545bec95306e3211ad44bcbab
f730408fd2b140fcca6a4ee5d6cbdb05c476cbab279abf64a74478a3598e524e
fa5612ca93150aaa46685d4fa3bb36ce8a242210cdceb7707475621f355e7d7c
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167
ffdc0aba3fb445782fd37aa1367cd4de104b9f735c4ecdc6d624c8064cc49b21

shop.hak5.org Open in urlscan Pro 23.227.38.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

236 Requests

94 %HTTPS

0 %IPv6

47 Domains

62 Subdomains

57 IPs

6 Countries

4689 kBTransfer

11117 kBSize

49 Cookies

30 Outgoing links

Redirected requests

236 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shop.hak5.org Open in urlscan Pro
23.227.38.74 Public Scan

Screenshot
Live screenshot

Full Image

236
Requests

94 %
HTTPS

0 %
IPv6

47
Domains

62
Subdomains

57
IPs

6
Countries

4689 kB
Transfer

11117 kB
Size

49
Cookies

236 HTTP transactions
0 data transactions