www.wr3nch0x1.com Open in urlscan Pro
2606:4700::6812:191 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Submission: On June 24 via manual (June 24th 2022, 5:38:15 pm UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 63 HTTP transactions. The main IP is 2606:4700::6812:191, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wr3nch0x1.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 27th 2021. Valid for: a year.

This is the only time www.wr3nch0x1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6812:191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	2606:4700::68... 2606:4700::6812:86f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.27.91 13.32.27.91	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
7	2606:4700::68... 2606:4700::6812:91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::ac43:a27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:1b0::353e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.124.249.5 192.124.249.5	30148 (SUCURI-SEC) (SUCURI-SEC)
63	14

1 2606:4700::6812:191 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wr3nch0x1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700::6812:86f (United States)

ASN13335 (CLOUDFLARENET, US)

app.gitbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gitbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-91.fra56.r.cloudfront.net

cdn.iframe.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:91 (United States)

ASN13335 (CLOUDFLARENET, US)

4250176955-files.gitbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1000929.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

attack.mitre.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:a27 (United States)

ASN13335 (CLOUDFLARENET, US)

owasp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:1b0::353e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

docs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.5 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10005.sucuri.net

www.offensive-security.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	gitbook.com app.gitbook.com — Cisco Umbrella Rank: 86872 www.gitbook.com — Cisco Umbrella Rank: 125421	2 MB
7	gitbook.io 4250176955-files.gitbook.io	402 KB
5	googleapis.com firestore.googleapis.com — Cisco Umbrella Rank: 2464	9 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
1	offensive-security.com www.offensive-security.com — Cisco Umbrella Rank: 720608	1 KB
1	microsoft.com docs.microsoft.com — Cisco Umbrella Rank: 9039	17 KB
1	owasp.org owasp.org — Cisco Umbrella Rank: 162417	6 KB
1	mitre.org attack.mitre.org — Cisco Umbrella Rank: 284972	7 KB
1	sentry.io o1000929.ingest.sentry.io — Cisco Umbrella Rank: 106241	279 B
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 3089	450 B
1	iframe.ly cdn.iframe.ly — Cisco Umbrella Rank: 25661	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	39 KB
1	wr3nch0x1.com www.wr3nch0x1.com	49 KB
63	13

	Domain	Requested by
37	app.gitbook.com	www.wr3nch0x1.com app.gitbook.com
7	4250176955-files.gitbook.io	www.wr3nch0x1.com
5	firestore.googleapis.com	app.gitbook.com
3	www.google-analytics.com	www.googletagmanager.com app.gitbook.com www.wr3nch0x1.com
2	www.gitbook.com	www.wr3nch0x1.com
1	www.offensive-security.com	www.wr3nch0x1.com
1	docs.microsoft.com	www.wr3nch0x1.com
1	owasp.org	www.wr3nch0x1.com
1	attack.mitre.org	www.wr3nch0x1.com
1	o1000929.ingest.sentry.io	app.gitbook.com
1	cdn.polyfill.io	www.wr3nch0x1.com
1	cdn.iframe.ly	www.wr3nch0x1.com
1	www.googletagmanager.com	www.wr3nch0x1.com
1	www.wr3nch0x1.com
63	14

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.linkedin.com
github.com
whoami.wr3nch0x1.com
www.gitbook.com
attack.mitre.org
msdn.microsoft.com
www.owasp.org
blogs.technet.com
www.mandiant.com
docs.microsoft.com
policies.gitbook.com

Subject Issuer	Validity	Valid
www.wr3nch0x1.com Cloudflare Inc ECC CA-3	`2021-10-27` - `2022-10-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-16` - `2023-05-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.iframe.ly Amazon	`2021-12-02` - `2022-12-30`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.ingest.sentry.io R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
edgecert.googleapis.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
attack.mitre.org R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
docs.microsoft.com Microsoft RSA TLS CA 02	`2022-05-09` - `2023-05-09`	a year	crt.sh
offensive-security.com Starfield Secure Certificate Authority - G2	`2021-07-30` - `2022-07-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Frame ID: 0A0CE1DF06989CCD39C7FA72791E98FF
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

T1038: DLL Hijacking / Injection - wr3nch0x1

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

63
Requests

100 %
HTTPS

77 %
IPv6

13
Domains

14
Subdomains

14
IPs

2
Countries

2979 kB
Transfer

6695 kB
Size

6
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/Wr3nch0x1
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/wr3nch0x1/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://github.com/wr3nch0x1
Title: Github

Search URL Search Domain Scan URL

URL: https://whoami.wr3nch0x1.com/
Title: Portfolio

Search URL Search Domain Scan URL

URL: https://www.gitbook.com/?utm_source=content&utm_medium=trademark&utm_campaign=-LYSZ_xSYlb2TRwgtdCu
Title: Powered By GitBook

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1038/
Title: ATT&CK

Search URL Search Domain Scan URL

URL: http://msdn.microsoft.com/en-US/library/ms682586
Title: [1]

Search URL Search Domain Scan URL

URL: https://www.owasp.org/index.php/Binary_planting
Title: [2]

Search URL Search Domain Scan URL

URL: http://blogs.technet.com/b/msrc/archive/2010/08/21/microsoft-security-advisory-2269637-released.aspx
Title: [3]

Search URL Search Domain Scan URL

URL: http://msdn.microsoft.com/en-US/library/ms682600
Title: [4]

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-US/library/aa375365
Title: [5]

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/blog/dll-search-order-hijacking-revisited/
Title: [6]

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
Title: Download Link

Search URL Search Domain Scan URL

URL: https://github.com/rapid7/metasploit-framework/blob/master/msfvenom
Title: Download Link

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/mitigations/M1047
Title: Audit

Search URL Search Domain Scan URL

URL: https://github.com/mattifestation/PowerSploit
Title: [7]

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/mitigations/M1038
Title: Execution Prevention

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/mitigations/M1044
Title: Restrict Library Loading

Search URL Search Domain Scan URL

URL: http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx
Title: [8]

Search URL Search Domain Scan URL

URL: https://policies.gitbook.com/privacy/cookies
Title: cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request t1038-dll-hijacking-injection Show response
www.wr3nch0x1.com/code-injection/ 224 KB
49 KB 1218ms
1127ms Document
text/html 2606:4700::6812:191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

2d9592332cec1601c89ba5a3dca8ff3928ad270a1842926ab28d9b24575ff165

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:; default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; img-src data: * blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; font-src app.gitbook.com js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com ; form-action api-iam.intercom.io intercom.help; media-src .intercomcdn.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400, s-maxage=86400, stale-while-revalidate=3600, stale-if-error=43200
cf-cache-status: MISS
cf-ray: 72073c457b7701fc-ZRH
content-encoding: gzip
content-security-policy: frame-ancestors https:; default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com *; form-action api-iam.intercom.io intercom.help; media-src *.intercomcdn.com;
content-type: text/html; charset=utf-8
date: Fri, 24 Jun 2022 17:38:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
function-execution-id: 0osmx78it6os
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cloud-trace-context: 0dda5f162bf1508daa6315fa0dbbae2a
x-content-type-options: nosniff
x-powered-by: GitBook

GET
H2 200 Roboto-Bold.woff2
app.gitbook.com/public/fonts/Roboto/ 62 KB
66 KB 358ms
318ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/Roboto/Roboto-Bold.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

a9181efb23e405a5ae51f5eb9ed17564496ab30195bfa13ecb923460d8a92300

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdt5S17A6HdDL61tsHQSQYm00jasjTD3uDuDUVc1Tdpjb5v0VjkgCpeweiuAxte4Ds89Jp8q2hclXXQI6b_r0q1H
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 63512
cf-ray: 72073c4cdf4f0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "9912eb289b9a8018ffe746b38a1f4138"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=B6lSQw==, md5=mRLrKJuagBj/50azih9BOA==
x-goog-generation: 1633848364340633
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 63512
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 16:42:02 GMT

GET
H2 200 Roboto-BoldItalic.woff2
app.gitbook.com/public/fonts/Roboto/ 67 KB
71 KB 339ms
299ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/Roboto/Roboto-BoldItalic.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

abe67ac80a18e468ba4e9fc2138ddf670e168fb92b38ed1e71da54eecd420d9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdul7iaUKijMyi4p2haTxAUjffXfj_Kn7K0RTv1vwhBQa1HIth6KGI15N4u38zneYar0EDxrU3RQPaVkZoAwdP9IHw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 68744
cf-ray: 72073c4cdf570211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1273f039c2c87185606d174ef2fb8bda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=sDfENg==, md5=EnPwOcLIcYVgbRdO8vuL2g==
x-goog-generation: 1633848364530844
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 68744
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 16:43:21 GMT

GET
H2 200 Roboto-Black.woff2
app.gitbook.com/public/fonts/Roboto/ 62 KB
66 KB 351ms
312ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/Roboto/Roboto-Black.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

cc85ca1807422f0603716b43ec3f6544ae0a2f395bee02ad3eeb000c2a2aaf86

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdukenCveE7E-KSHLDMS1raNeoRwsAPB5Z-p4VzFmqo2-iU-oNxvqnKx5INe-Kmma_mRccKiU87i6fkpO_kTY63cthvBz33x
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 63632
cf-ray: 72073c4cdf530211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "cf9856e6d82dec865920233cfb0e6434"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=78g/3g==, md5=z5hW5tgt7IZZICM8+w5kNA==
x-goog-generation: 1633848364343364
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 63632
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:04:14 GMT

GET
H2 200 Roboto-BlackItalic.woff2
app.gitbook.com/public/fonts/Roboto/ 69 KB
73 KB 352ms
313ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/Roboto/Roboto-BlackItalic.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

73971d2e544090ece7946c253f97ad012433034112729f30460561f1b3f3baa4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvbHneUd1gfMp4laMFyyIowtMOFt3rDCxEYzwbyWapZFWs3Czp2vN82o0-crujmBbu1i_WWK8A8EtA4ZN0IVXLo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 70548
cf-ray: 72073c4cdf510211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0c0fe6e65641e22692eb54ccb1334e48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=KPvcng==, md5=DA/m5lZB4iaS61TMsTNOSA==
x-goog-generation: 1633848364395213
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 70548
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:31:56 GMT

GET
H2 200 Roboto-Medium.woff2
app.gitbook.com/public/fonts/Roboto/ 62 KB
66 KB 355ms
317ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/Roboto/Roboto-Medium.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

474219c4838734328bacdf2229ee7aa9b960e1e22b36aa0b2440dee68b7ded93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvoQPLS2PluE6cgMxoWTRGncNY1PC7AnI6TiFYq55pVvs00ClRnd0YSwHN9qAXI-76eS0AZLaCvDmym9W9Gy198
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 63888
cf-ray: 72073c4cef7f0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1c1881cb681b2e87bdd7302d9cc04bea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=zcpdEQ==, md5=HBiBy2gbLoe91zAtnMBL6g==
x-goog-generation: 1633848363751495
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 63888
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:14:56 GMT

GET
H2 200 Roboto-MediumItalic.woff2
app.gitbook.com/public/fonts/Roboto/ 68 KB
72 KB 351ms
312ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/Roboto/Roboto-MediumItalic.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

1588e257d5d5d137bdf245d5d1e6e9e89a7393e411feab9fcb28eba9fa615779

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdur1bg2XgWN48maroIRwB9V5IaYNO2kvpTkckZs1pdakLYiscrCzA3-y4-8hIEjyGxXfeWRhmuCC-ZFuVstunPh
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 69624
cf-ray: 72073c4cef790211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8b4e1b9f7674c838783683866a8d62d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=cKMv6g==, md5=i04bn3Z0yDh4NoOGao1i1Q==
x-goog-generation: 1633848364394105
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 69624
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:07:45 GMT

GET
H2 200 Roboto-Regular.woff2
app.gitbook.com/public/fonts/Roboto/ 62 KB
65 KB 399ms
360ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/Roboto/Roboto-Regular.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

b37d775bb347246729d437f266c2dfcd705a9171580f6149ab673b10a3500367

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdtuekOHFn6YBtt4A4cJZvat0AFW1WCjo0mndTELvxk3BeDkLqagcHASBZagC8QwU6Llv7usYZx-EwyN3Ff6JQy2CA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 63024
cf-ray: 72073c4cef7b0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "679aa1b8c499041bf78378f4a5b04162"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=L2wjbg==, md5=Z5qhuMSZBBv3g3j0pbBBYg==
x-goog-generation: 1633848364360754
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 63024
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:18:47 GMT

GET
H2 200 Roboto-Italic.woff2
app.gitbook.com/public/fonts/Roboto/ 67 KB
71 KB 291ms
253ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/Roboto/Roboto-Italic.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

8789224140397e0644f8d3daf8aaa2733d8a357be81b239188de34b81b3cb11c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdseFw9fDluvEy5vN-r8nKwy2w0clt8Ep6JdUQHRh4QxHCpwCwGPYb5-ld3Q8UdzzP5Bs0ty1meTk_HRlfUVS_p2RQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 68608
cf-ray: 72073c4cef7d0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "390716e2322cc51a6d75368c6c6ab64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=VFjRMg==, md5=OQcW4jIsxRptdTaMbGq2Sw==
x-goog-generation: 1633848363952371
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 68608
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 16:40:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 42ms
18ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=UA-163130692-1

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f13eed15e949fc5aec4991e75d0a108e4657c0b66d78c4497b20e6dc1e918869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39787
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 17:38:10 GMT

GET
H2 200 SourceCodePro-Bold.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 57 KB
61 KB 355ms
317ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Bold.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

391798381365eae6431d5301789e74ae40318b5a909f6732710c938f709dd15b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvULrpf30NiG25tKVv8kuVSAfw42oLQ_j3tebEncj2Zadinipcv-AgQzOZ9LXI50c6Cdej3b9UzHcQQf7rpCiS3fg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 58824
cf-ray: 72073c4cef7c0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "12902856238918991bbae82214419e26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=dA5QBw==, md5=EpAoViOJGJkbuugiFEGeJg==
x-goog-generation: 1633848364495126
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 58824
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:26:24 GMT

GET
H2 200 SourceCodePro-BoldItalic.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 49 KB
53 KB 352ms
314ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-BoldItalic.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

2e9516397b60a1f72e680cd614eeae501cc05e8336b41677f6ddcf7ca91ce87b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycds0JDTFbNr6WUQ0QRE_wGvRUiv1SFTir408ZHfgOUFgr9eD-SJAOpj0gTVFo6bb85e93V_bhUY9oiA7-kZSij7BsVb9VSNv
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 50140
cf-ray: 72073c4cdf550211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b724e89b25def664af59a37f9535969d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=MbhT/w==, md5=tyTomyXe9mSvWaN/lTWWnQ==
x-goog-generation: 1633848364404691
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 50140
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:28:00 GMT

GET
H2 200 SourceCodePro-Black.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 56 KB
60 KB 368ms
330ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Black.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

99b06c0121019e577fbeb61926a76ab064ebf04641e17b3f3cdd31c5bfada827

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsk2vTQAovF-7JU4JLBJHeS42q3vb2LlE5rRxFb4uVmndopCaRuhDGYGelM8mb7R_nRxsO3VQzmHWS2Fh9W8ymHJcacv62Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 57780
cf-ray: 72073c4cef740211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f71e658e6aefc8d67ec9143ba16738f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=4jkfgA==, md5=9x5ljmrvyNZ+yRQ7oWc49A==
x-goog-generation: 1633848364372673
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 57780
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:20:37 GMT

GET
H2 200 SourceCodePro-BlackItalic.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 48 KB
51 KB 364ms
326ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-BlackItalic.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

91edc14c712c0f1f64767c76dc267782a71d64eef6a3fa0b78e3550b67031f7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycduA4FKdiPvGEfoQMS6JKX7LB3X9iRfLqTbIat3_OXofsh93_Tz3Frtt2pCxmv4rSThjDH_tfcgS8XAlMu_ca_eMsze0wPbF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 48884
cf-ray: 72073c4cef5d0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c1594c3fd48f0a69854330d1e5aecfd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=KGJVVw==, md5=wVlMP9SPCmmFQzDR5a7P1g==
x-goog-generation: 1633848364884390
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 48884
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:24:10 GMT

GET
H2 200 SourceCodePro-Medium.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 57 KB
61 KB 373ms
335ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Medium.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

4527b523271b31ea23e2241eaa32be773ae97e2100a4cde9c4ea807f5bdf345e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdt0PqUThIxoILycJVfAoi7Baz7PRJbDdRM2bvZ1TzYumQFThVYWjpd1luYr6SWX7fPLNGxcTMjl5oLrTzBgzQYf1oElsOhH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 58744
cf-ray: 72073c4cef5a0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "fcd510e6482c7a55ba5b195381dcbf88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=P0k/Fw==, md5=/NUQ5kgselW6WxlTgdy/iA==
x-goog-generation: 1633848364398993
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 58744
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:00:18 GMT

GET
H2 200 SourceCodePro-MediumItalic.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 49 KB
52 KB 338ms
300ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-MediumItalic.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

142dda220b464de17ccaa3949b42543c6488ede54423361364bffb67ec054a2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsD_VgojtRE4J41mn9-xWFzyvhhBitkfLuRLBL4v-Fa2ohLVjF3_dDtwPyHaBJDOQcLcel6_5qPE1mzi5Mhhca3bQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 49784
cf-ray: 72073c4cdf580211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a399a11f4e1eb5cc906b096a1436f8da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=RDS2oA==, md5=o5mhH04etcyQawlqFDb42g==
x-goog-generation: 1633848364578571
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 49784
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 16:50:09 GMT

GET
H2 200 SourceCodePro-Regular.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 58 KB
61 KB 352ms
315ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Regular.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

2fc43de0b7192ea8d141166fd138508b806a7742a19d60d376717d299249a721

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsJaxUIX_UejJlkJIfFh-vWgCNG8VqmmT96m-XfyvJhG8GLN_GudcklKwKnPfmkusYxNaeY3SA4TugLzd_qnE49
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 59120
cf-ray: 72073c4cef770211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7e7018fa71b6021605537b9f824e67fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=YqfMwg==, md5=fnAY+nG2AhYFU3ufgk5n/A==
x-goog-generation: 1633848364862643
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 59120
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 17:35:38 GMT

GET
H2 200 SourceCodePro-Italic.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 49 KB
52 KB 353ms
315ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Italic.woff2?v=3.19

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

8be2edcbae84d5edd53e879a9a8d6c58a8eea966820ac287c0275a9698495518

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvl-nMlymKwleNKw-J_r6V7YC9l9lKqFVdK0g1bThqKENC-qCe50YqKSxyZe7Hp609foHnEHWGcxWpVX8oz5nohXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 50016
cf-ray: 72073c4cef760211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f29e4a78544ca47f78bb54ce303347c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=yEyPlQ==, md5=8p5KeFRMpH94u1TOMDNHyA==
x-goog-generation: 1633848364300385
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 50016
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 01 Jul 2022 16:49:17 GMT

GET
H2 200 public-HXXIVPUP.min.js Show response
app.gitbook.com/public/app/ 7 KB
6 KB 302ms
302ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

fd513e39886c49bf545dfbb175c2d60ec44fd1d04569d2952b9a2a0123709397

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdurxUNTjPyxrTsit_wdjmNETv-7_uhHAT8953M0YwTFP6IRFHvDct2Rg-kfjA_qgOqoMl8bIwHStOkTOE3H5dsrSA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4cff880211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jun 2022 08:48:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f699662247a9b5b262d187fcf024d420"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=8kbe5Q==, md5=9plmIkeptbJi0Yf88CTUIA==
x-goog-generation: 1655887691957404
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 7657
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:09:56 GMT

GET
H2 200 embed.js Show response
cdn.iframe.ly/ 23 KB
8 KB 32ms
6ms Script
application/javascript 13.32.27.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/embed.js
Requested by: Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-91.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e30b1c91012dbe8653ed9a767fdf9d78cce4058a00fa66603fd498071c39b870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:02:54 GMT
content-encoding: br
last-modified: Mon, 23 May 2022 16:36:25 GMT
server: nginx
age: 2117
etag: W/"628bb809-5d06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: OIZEya20wguyM9WILW1iQ1gimwwWsWPeIaC22ilaSPVvdbNE-JXvEA==
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 222 B
450 B 69ms
29ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.polyfill.io/v2/polyfill.js?features=Intl.~locale.en
Requested by: Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: br
last-modified: Thu, 23 Jun 2022 00:20:14 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/103.0.0
server-timing: cache-mxp6962, PASS, fastly;desc="Edge time";dur=14
accept-ranges: bytes
content-length: 126

GET
H2 200 https%3A%2F%2F4250176955-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fspaces%252F-LYSZ_xSYlb2TRwgtdCu%252Favatar-1583584556352.png%3Fgeneration%3D1583584556871429%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=40,height=40,fit=contain,dpr=1,format=auto/ 1 KB
1 KB 1229ms
1192ms Image
image/avif 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gitbook.com/cdn-cgi/image/width=40,height=40,fit=contain,dpr=1,format=auto/https%3A%2F%2F4250176955-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fspaces%252F-LYSZ_xSYlb2TRwgtdCu%252Favatar-1583584556352.png%3Fgeneration%3D1583584556871429%26alt%3Dmedia

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0d99ac5405f1a2d4e1e0e8acbbab8c00d7f951e534e86de63b6c71a3d763a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept, Accept-Encoding
content-length: 1298
last-modified: Fri, 11 Mar 2022 02:31:32 GMT
server: cloudflare
etag: "cfbG8vc4kCJ39DkVi7gnQEiA:4c2d3a3ecc6100b89d309f93ea40b08c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/avif
cache-control: public, max-age=31536000
cf-resized: internal=ok/m q=0 n=1066 c=71 v=2022.6.0 l=1298
accept-ranges: bytes
cf-ray: 72073c4d3fbf0204-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 https%3A%2F%2F4250176955-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fspaces%252F-LYSZ_xSYlb2TRwgtdCu%252Favatar-1583584556352.png%3Fgeneration%3D1583584556871429%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/ 548 B
832 B 1214ms
1177ms Image
image/webp 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/https%3A%2F%2F4250176955-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fspaces%252F-LYSZ_xSYlb2TRwgtdCu%252Favatar-1583584556352.png%3Fgeneration%3D1583584556871429%26alt%3Dmedia

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

288e63ffa962480d3ff4e2f209b70fddca1cb2ee7f53a58ca4232a5de07e3a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept, Accept-Encoding
content-length: 548
last-modified: Fri, 11 Mar 2022 02:31:32 GMT
server: cloudflare
etag: "cfyhfJGoTHBCUYaPlXYkepRw:4c2d3a3ecc6100b89d309f93ea40b08c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
warning: cf-images 299 "AVIF rate limited"
content-type: image/webp
cache-control: public, max-age=31536000
cf-resized: internal=ok/h q=0 n=1114 c=6 v=2022.6.0 l=548
accept-ranges: bytes
cf-ray: 72073c4d3fc10204-ZRH
cf-bgj: imgq:86,h2pri

GET
H2 200 assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zy8WLwlvHYz2NOUzH%2F-M1zzCrY9BztS3i0TbjL%2FDLL-Inejction(%40wr3nch0x1).png
4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/ 126 KB
127 KB 1200ms
1160ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zy8WLwlvHYz2NOUzH%2F-M1zzCrY9BztS3i0TbjL%2FDLL-Inejction(%40wr3nch0x1).png?alt=media&token=e4a7b756-e6e9-44eb-8b41-d74f03ec6b8f

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

7b5b074c25c1d039522ee6547e09a1767c2621b80f559a938d43804750eabdb6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 72073c4d3e2201db-ZRH
x-powered-by: GitBook
x-guploader-uploadid: ADPycdtF07iNG_427DjG3D_VyxpC6iaSbAIcaVFwYJmbS2JYArjuk6-l36uKIrbGnjeUg0TvTBFaDhwg-er_PgNcLUVsQA
x-goog-storage-class: STANDARD
x-goog-metageneration: 373
x-goog-stored-content-encoding: identity
content-disposition: attachment; filename="DLL-Inejction(%40wr3nch0x1).png"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 129488
x-goog-meta-height: 1080
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 16:52:46 GMT
server: cloudflare
etag: "958fe90ef1a410c90198b142a94def2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-meta-x-goog-reserved-source-generation: 1583768987249870
x-goog-hash: crc32c=uHL2OA==, md5=lY/pDvGkEMkBmLFCqU3vLg==
x-goog-generation: 1647017566462240
x-goog-meta-width: 1920
cache-control: public, max-age=31536000
x-goog-stored-content-length: 129488
x-goog-meta-firebasestoragedownloadtokens: e4a7b756-e6e9-44eb-8b41-d74f03ec6b8f
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: image/png
expires: Sat, 24 Jun 2023 17:38:10 GMT

GET
H2 200 assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1zdIz9sz4YXDYuv9rN%2Fimage.png
4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/ 81 KB
81 KB 1420ms
1380ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1zdIz9sz4YXDYuv9rN%2Fimage.png?alt=media&token=8560703f-6177-4279-87ec-c34ea473d7bc

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

96c788d4ea050c0546b7ee31748da4f4dd37c98bd559d61101f67db774523e88

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 72073c4d3e2501db-ZRH
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsTu4zcZ_buZ-lbzYVN3a-0FLqy30WA7ql6FZynWaIhtXgjZulqa0IQ2JwBRG1GhLew3qLZQ1yuNlPMVj5QjMdZpg
x-goog-storage-class: STANDARD
x-goog-metageneration: 373
x-goog-stored-content-encoding: identity
content-disposition: attachment; filename="image.png"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 82454
x-goog-meta-height: 170
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 16:51:59 GMT
server: cloudflare
etag: "1039c13278f0792b976f4f4c4f3b19e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-meta-x-goog-reserved-source-generation: 1583763245435570
x-goog-hash: crc32c=C81g3w==, md5=EDnBMnjweSuXb09MTzsZ4A==
x-goog-generation: 1647017519138323
x-goog-meta-width: 762
cache-control: public, max-age=31536000
x-goog-stored-content-length: 82454
x-goog-meta-firebasestoragedownloadtokens: 8560703f-6177-4279-87ec-c34ea473d7bc
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: image/png
expires: Sat, 24 Jun 2023 17:38:11 GMT

GET
H2 200 assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1ze6q_j2dqv16GKmCo%2Fimage.png
4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/ 84 KB
84 KB 1142ms
1102ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1ze6q_j2dqv16GKmCo%2Fimage.png?alt=media&token=97b26f78-6d16-4cb8-9b05-3e01102f6270

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

4a505bd87e5188ba1e2cc5095cd40287bc7494c47e06c809e87ae3368e4519e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 72073c4d3e2b01db-ZRH
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvISQJTMlR8IRZ9ClKtLzQvrKfXHkUb1RjmZ4-6NU8ICjaZbhv0Q31SsmeraMyPdksxHgqfXdTyWv50NDQwEW8n9w
x-goog-storage-class: STANDARD
x-goog-metageneration: 373
x-goog-stored-content-encoding: identity
content-disposition: attachment; filename="image.png"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 85956
x-goog-meta-height: 333
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 16:46:42 GMT
server: cloudflare
etag: "0ca593940c59f05ae6cd094a780000c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-meta-x-goog-reserved-source-generation: 1583763457888516
x-goog-hash: crc32c=EzFFHg==, md5=DKWTlAxZ8FrmzQlKeAAAxg==
x-goog-generation: 1647017202089545
x-goog-meta-width: 756
cache-control: public, max-age=31536000
x-goog-stored-content-length: 85956
x-goog-meta-firebasestoragedownloadtokens: 97b26f78-6d16-4cb8-9b05-3e01102f6270
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: image/png
expires: Sat, 24 Jun 2023 17:38:10 GMT

GET
H2 200 assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1zjCs909kLlxbeTcmx%2Fimage.png
4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/ 12 KB
12 KB 1202ms
1162ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1zjCs909kLlxbeTcmx%2Fimage.png?alt=media&token=74e24597-b285-4af8-b19e-9b6e25657fe1

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

12a794daad1cec4f1d56ac5be150571ce00a621ab4ad1ff45fa8742352752e45

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 72073c4d3e2901db-ZRH
x-powered-by: GitBook
x-guploader-uploadid: ADPycdtsXihYCsByWIa0Rm6k7kTNf-HYuvJOyKZh-w-wkgKHsIKMRPDI8rr1BH_DKt0CnopH2RTZfW39HsmeSYlxb91bVA
x-goog-storage-class: STANDARD
x-goog-metageneration: 373
x-goog-stored-content-encoding: identity
content-disposition: attachment; filename="image.png"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 11904
x-goog-meta-height: 169
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 16:47:56 GMT
server: cloudflare
etag: "b6b64063a64d63703985bc92afe74bb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-meta-x-goog-reserved-source-generation: 1583764791586145
x-goog-hash: crc32c=YRB6ug==, md5=trZAY6ZNY3A5hbySr+dLtA==
x-goog-generation: 1647017276373255
x-goog-meta-width: 491
cache-control: public, max-age=31536000
x-goog-stored-content-length: 11904
x-goog-meta-firebasestoragedownloadtokens: 74e24597-b285-4af8-b19e-9b6e25657fe1
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: image/png
expires: Sat, 24 Jun 2023 17:38:10 GMT

GET
H2 200 assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1zk5neal3yDyxd9oSV%2Fimage.png
4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/ 49 KB
49 KB 1464ms
1424ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1zk5neal3yDyxd9oSV%2Fimage.png?alt=media&token=c3b707ac-9676-4e44-a9bc-0a7ecb158c06

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

3e383bd6d36a8a4c53d4df0c2d2e25c0373e571524a351f32aa28f47abde794f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 72073c4d3e2701db-ZRH
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvYv-Ipfe8O339mfnGZnYUPoA_zan0ylzaOdm6Ql9ox2zE5rDQoyR9tNVfbElf2ia9SE0AWT4lnJyxF6DrBiI8ffw
x-goog-storage-class: STANDARD
x-goog-metageneration: 373
x-goog-stored-content-encoding: identity
content-disposition: attachment; filename="image.png"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 50284
x-goog-meta-height: 245
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 16:56:49 GMT
server: cloudflare
etag: "73ada659bdf9e431fbd762b12f32e1e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-meta-x-goog-reserved-source-generation: 1583765024851289
x-goog-hash: crc32c=nUntsQ==, md5=c62mWb355DH712KxLzLh5g==
x-goog-generation: 1647017809210423
x-goog-meta-width: 606
cache-control: public, max-age=31536000
x-goog-stored-content-length: 50284
x-goog-meta-firebasestoragedownloadtokens: c3b707ac-9676-4e44-a9bc-0a7ecb158c06
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: image/png
expires: Sat, 24 Jun 2023 17:38:11 GMT

GET
H2 200 assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1zr8OYAUANd7rHdjSn%2Fimage.png
4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/ 13 KB
14 KB 1468ms
1429ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1zr8OYAUANd7rHdjSn%2Fimage.png?alt=media&token=5d2f4d64-1d9f-4e10-a67b-80fb3166f6ee

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

a142a86af7587c36981e01defd855593cf401f89ea81022b9052e2c9dd95eda1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 72073c4d3e2a01db-ZRH
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsRnnLIoVACkgcDQnIKt0XdNJVojZ6FgD-cC7O3O0IUA_yU-5obxH1yQTjZTFx1zNO_BCkAQdw-AcPiSVzh8l7eiw
x-goog-storage-class: STANDARD
x-goog-metageneration: 373
x-goog-stored-content-encoding: identity
content-disposition: attachment; filename="image.png"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 13690
x-goog-meta-height: 112
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 16:42:31 GMT
server: cloudflare
etag: "300fac374061421dced1f333f849d8fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-meta-x-goog-reserved-source-generation: 1583766870446655
x-goog-hash: crc32c=ntbVfA==, md5=MA+sN0BhQh3O0fMz+EnY/g==
x-goog-generation: 1647016951674145
x-goog-meta-width: 921
cache-control: public, max-age=31536000
x-goog-stored-content-length: 13690
x-goog-meta-firebasestoragedownloadtokens: 5d2f4d64-1d9f-4e10-a67b-80fb3166f6ee
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: image/png
expires: Sat, 24 Jun 2023 17:38:11 GMT

GET
H2 200 assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1zrYdetr7NNDwWKNzu%2Fimage.png
4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/ 32 KB
33 KB 1073ms
1073ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4250176955-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LYSZ_xSYlb2TRwgtdCu%2F-M1zSFCsdcHPHA80PGJD%2F-M1zrYdetr7NNDwWKNzu%2Fimage.png?alt=media&token=7972590c-23df-4630-90ee-d529251d9386

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

5d052530c0238ae4aefeb70bf0ad7deea5141fac18d03f73ed191ec8bb2edecb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 72073c4d6e6e01db-ZRH
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsRpc3Iy_pkZ97BvieH1iWOJlcxwUv992XsWe2CcxxoMgD33NjTd6mN_J4dIjiuNpzes_6iEC_aXhRgnF4JrbkIeA
x-goog-storage-class: STANDARD
x-goog-metageneration: 373
x-goog-stored-content-encoding: identity
content-disposition: attachment; filename="image.png"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 32919
x-goog-meta-height: 156
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 16:51:28 GMT
server: cloudflare
etag: "70cd6327141e164fc3f20e962d8a875b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-meta-x-goog-reserved-source-generation: 1583766977938250
x-goog-hash: crc32c=eBm45w==, md5=cM1jJxQeFk/D8g6WLYqHWw==
x-goog-generation: 1647017488186941
x-goog-meta-width: 884
cache-control: public, max-age=31536000
x-goog-stored-content-length: 32919
x-goog-meta-firebasestoragedownloadtokens: 7972590c-23df-4630-90ee-d529251d9386
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
accept-ranges: bytes
content-type: image/png
expires: Sat, 24 Jun 2023 17:38:10 GMT

GET
H2 200 chunk-ZPHPJUSI.min.js Show response
app.gitbook.com/public/app/chunks/ 180 KB
54 KB 136ms
131ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-ZPHPJUSI.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

e18ef245415a492b8598e2bfc78730ac92fff7d40a2d43ab097eb92cbf78b29a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycduJMVN_RuC02IU8qhVNZwEdgJlqQ-u7vtw4l2y6NGZ5AID8gPx4HOXRwj6-tbYBqeBShdw1sH0l8fwVLiheIl8HeVV3zg4h
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea760211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jun 2022 08:48:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"57644e1c66446999b54b4db8475111c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=R4WHvw==, md5=V2ROHGZEaZm1S024R1ERxg==
x-goog-generation: 1655887691828507
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 184773
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:08:50 GMT

GET
H2 200 chunk-K26VGZJD.min.js Show response
app.gitbook.com/public/app/chunks/ 456 B
4 KB 91ms
80ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-K26VGZJD.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

f862f11b9df5603a87c7935660aab36499f1f7dcc52099a6b722a644f8114841

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsIGZHEaIvkcJaW4TA0g8pNJqM6luhbNsGTL17E7zZXoHcNZ0dS8Zt0Sd6TyUPEjWXz2QEQjMf7PRFe-sQBJa25YVto3i3y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea7e0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jun 2022 08:48:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ef7d899d94a4e043b4e37286a214a021"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=AkdE/A==, md5=732JnZSk4EO043KGohSgIQ==
x-goog-generation: 1655887691690088
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 456
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:09:34 GMT

GET
H2 200 chunk-MGXHCZSG.min.js Show response
app.gitbook.com/public/app/chunks/ 358 B
4 KB 142ms
131ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-MGXHCZSG.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

cf3a427212e99976f24973f5d6f27470523c432095f5d138f6f1482a3be5972e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdt25fftbUwQ_LvxY2eXtCS1-3jAdGA1-CP24QJDIOu97BgbtMrvgsnYRO1l4q7dcZDG70bfalzunJkq8V5x8iIRW8a-d7Js
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea800211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 14:55:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"774c0f849d829e90102f4ab970dc268d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=OAh4mA==, md5=d0wPhJ2CnpAQL0q5cNwmjQ==
x-goog-generation: 1652453738804459
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 358
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 16:43:52 GMT

GET
H2 200 chunk-65NF36VK.min.js Show response
app.gitbook.com/public/app/chunks/ 1 KB
4 KB 88ms
78ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-65NF36VK.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

886d2ff49d24e24776074fe0a2e84450c6ffe42262cba890f073e4e90d982c87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsJM_AkAVoaL7aNVCJzc7D3C0NL4y0XU50EcOsV5JiasDr3DUNHeznr8jPxN2bfcXBcAOiXuU9W5gz3ErXt6MHNCBt6s6Xc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea810211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jun 2022 08:48:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c5f7cfbd40fdfc3b0ac040ce32309b61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=CkUtfw==, md5=xffPvUD9/DsKwEDOMjCbYQ==
x-goog-generation: 1655887691699870
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 1085
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:10:08 GMT

GET
H2 200 chunk-B6GXSXN7.min.js Show response
app.gitbook.com/public/app/chunks/ 3 MB
869 KB 100ms
90ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-B6GXSXN7.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

e614ffcc7e88a0d1d6bece8c5c5cbb527d5c9e48f33c6ab4f7e32d73af0bd61f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdskQNx79XkMi6ALmvZgWC9ML4hj-CkgHOOv_RZYXmVzHxeSPrhNKbCLIUN8B4pi4NOQ2Knrj9lpEDq1HBoy0Ztf
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea830211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jun 2022 08:48:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"fe101088d33570c1bc8627769844f039"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=HAW20g==, md5=/hAQiNM1cMG8hid2mETwOQ==
x-goog-generation: 1655887692081680
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 3291221
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:04:15 GMT

GET
H2 200 chunk-WBWW7CHP.min.js Show response
app.gitbook.com/public/app/chunks/ 31 KB
13 KB 147ms
137ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-WBWW7CHP.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

04beb72743c48f951047c3f14310974cc79293d7de2861b44052497d08ae7fc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsypE-JF82634ybQOxEX0h9nM757sQtobLjJH43c7e0HmLAcX9yIywHBzWCpFUVnT-zV91GS9q-SVNWynrdTegg9Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea840211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Jun 2022 14:14:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b358343f1f25220e6bd3ea2f521e12c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=4BkixA==, md5=s1g0Px8lIg5r0+ovUh4SwA==
x-goog-generation: 1654870486742031
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 32075
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:02:22 GMT

GET
H2 200 chunk-3BO3GLLV.min.js Show response
app.gitbook.com/public/app/chunks/ 23 KB
12 KB 96ms
86ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-3BO3GLLV.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

ec783284db8c7302b4a29ef3594adf81bba2d35cf82d6149f733bd5a9d8e6da1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsgCxuS3bjOnxFN0KgovE12jSr6cJt5SCJk1hPxWzlosQSQY1l7VJ-u8KlDcW2OvW_pgbRw9u7QevblYUvNrz_8TA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea850211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 14:55:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"faa90351eee3aa3e49fe3b0e0fe321ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=ukMKtg==, md5=+qkDUe7jqj5J/jsOD+Mh/w==
x-goog-generation: 1652453738662693
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 23295
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 16:41:34 GMT

GET
H2 200 chunk-ERHUJP3G.min.js Show response
app.gitbook.com/public/app/chunks/ 4 KB
5 KB 139ms
130ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-ERHUJP3G.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

fa77b465b0f87b7c5135a79fc441a158a3903247b5982fff3cbeb56091349e6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdux9E4pTfBtzvAHlr5E5k-10lR7V8cVLs-iMmIo_iVEpVMoW8XmTbSzd0Mo0Q4NJAyXJ890rlfm7vVzCE4RcB7wEA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea870211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 14:55:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ed4626fbab11e694f34fc923c191e3e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=+K2CAA==, md5=7UYm+6sR5pTzT8kjwZHj4A==
x-goog-generation: 1652453738822605
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 3786
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 16:56:39 GMT

GET
H2 200 chunk-WBHJ4GHW.min.js Show response
app.gitbook.com/public/app/chunks/ 300 KB
115 KB 86ms
77ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-WBHJ4GHW.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

14824a3eeadb2d953b1b31181478c8679cd95dc7fa51c4c1cf6f9af994834d98

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycduSkB4tOJrLHFZx98rjI8an1tej1ltLbe2LZrvi7aL0VjuEKGrPzfxvE5AwCzcRPLeTTIB-avEYw05Y0SkWYxrnWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea880211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Jun 2022 14:14:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1029587432892c02ac3c7247ade32f90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=qCKPyA==, md5=EClYdDKJLAKsPHJHreMvkA==
x-goog-generation: 1654870486762342
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 306892
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:26:03 GMT

GET
H2 200 chunk-VUDGGAIR.min.js Show response
app.gitbook.com/public/app/chunks/ 48 KB
18 KB 93ms
84ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-VUDGGAIR.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

c7ab45318f970a0f9a86175b4747a3ed97ab505af471d6e9988b3fde688afb4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycducdToozFAnM1q-pYY4JW5ZnX2uVrQVNXdMNjJSORALEjRWdQhzVkaxc7QpblVHX_HZcEZA2lfAoce9k-N4aMgDojAw58y6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea890211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Jun 2022 14:14:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8c2d93b84ae37ef2cf03310699b301ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=bxRyUA==, md5=jC2TuErjfvLPAzEGmbMByg==
x-goog-generation: 1654870486737313
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 48798
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 16:56:43 GMT

GET
H2 200 chunk-QVOZ5XJD.min.js Show response
app.gitbook.com/public/app/chunks/ 89 KB
31 KB 104ms
96ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-QVOZ5XJD.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

7f48c1d188c855cf737242beac652edbbc723d0a44949d05cd8876a74a9304c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdupEDYCEjJS4Yxlibt2SWZybtbTZ7u0guQlX5LifFe-CPvFZ3NgS7n70u3fQwY3g30FahmRCCpkjmkMElgGImwW2Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea8a0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Jun 2022 14:14:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3a4271e469547f2ef7303ac7d6d5184a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=fRm5dQ==, md5=OkJx5GlUfy73MDrH1tUYSg==
x-goog-generation: 1654870486800972
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 90890
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 16:44:58 GMT

GET
H2 200 chunk-ZLRO5LJY.min.js Show response
app.gitbook.com/public/app/chunks/ 162 KB
37 KB 87ms
79ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-ZLRO5LJY.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

c63de90cc4102009161332d7ddee8d972693c776e040e237e4f369f8f87679a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycduZxoBdtTRu0Rb9OQ4RdSal4sta41xdcMzAbUSbv3mL1W_EmKJ6MeMF1z_meujZwtOF1vAxqN4rM2gt3Cy5DTUfvQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea8b0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Jun 2022 14:14:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a818ee04e539be27b0e407cb5ba8020f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=hoxelQ==, md5=qBjuBOU5view5AfLW6gCDw==
x-goog-generation: 1654870486847656
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 165749
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:14:33 GMT

GET
H2 200 chunk-LCIG2TMV.min.js Show response
app.gitbook.com/public/app/chunks/ 437 KB
135 KB 88ms
80ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-LCIG2TMV.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

c0e7565b8afa0f706b391aa6f09e8991042c8dc0bba2743981ad77950212948a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdt9XN_NabY0q_y-2j4EcGLhhyQ1po_TJVa1yxPGgR6dEH4kKFc_85khl4enK8yJ8mRcFc5PXACoWWP7ZqX5-_hyjA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea8c0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Jun 2022 14:14:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b3434c293d13d88e75802d1b337807bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=IbNbIA==, md5=s0NMKT0T2I51gC0bM3gHvw==
x-goog-generation: 1654870486808040
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 447072
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:10:08 GMT

GET
H2 200 chunk-ICYT6H5B.min.js Show response
app.gitbook.com/public/app/chunks/ 1 KB
4 KB 132ms
124ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-ICYT6H5B.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

3b571458e02fa5102fa3f6eb40dc8652bf9945315266d2deafd0dcdf0ac4571c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvNHdHgONvtiaPUGp30kKQ0yjlicXlZgnDucasZ_8PrDgNyhI91r6VQ31UoH8rYm0Z9-ccoAEaSV510WMNdVRY1US0M-QTP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea8d0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 14:55:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"45d4abc21e922d9e65ce164224bdbbf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=dPLoqw==, md5=RdSrwh6SLZ5lzhZCJL279A==
x-goog-generation: 1652453738829725
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 1201
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:00:54 GMT

GET
H2 200 chunk-KPP2HHD5.min.js Show response
app.gitbook.com/public/app/chunks/ 317 KB
88 KB 91ms
83ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-KPP2HHD5.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

1ae13729ae127fb186318324404454df39447e3807f86bcd8d45320de6c3e710

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycduTpZK8X7C4cbQ5ULo9ldrUhEkMN3gz6IFJipd5LV2Oz_yyYEHzYyxskUw16TMi1diF0_GYKpx8zfzn4Lrj16NMJg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea8e0211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jun 2022 17:10:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"49320bd65592d75895ddd6da6a2b6013"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=DLHxjA==, md5=STIL1lWS11iV3dbaaitgEw==
x-goog-generation: 1654794605612692
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 324517
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 16:49:15 GMT

GET
H2 200 chunk-2BY25Q75.min.js Show response
app.gitbook.com/public/app/chunks/ 7 KB
7 KB 362ms
354ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-2BY25Q75.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

37214c561baf0573f6191fb98d580111a509fc5f2e1277fcc48c643434962760

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdufTQwB12fLbz5qAjEYWmtfC5dXCJhKPTWayCfPcwZoF7WIU9oGNoFxhW7Hlj1sZCNUts0E8kaZpz0w3IatVBL7rFiru7cb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea920211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jun 2022 17:10:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"afd04496bba1a8a7ccfaf3391422cef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=ShNzSA==, md5=r9BElruhqKfM+vM5FCLO9A==
x-goog-generation: 1654794605544769
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 6974
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:38:10 GMT

GET
H2 200 chunk-7JB2LWEG.min.js Show response
app.gitbook.com/public/app/chunks/ 422 B
4 KB 142ms
135ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-7JB2LWEG.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

477d98776c08c7e164fbeb5eb13e31ec366343e8862339d117501fe30a466b8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdubvr3ivXRnxnPXc9ZUfpVJ_X5mYZDViMMIoGXM_k9_sgpQXyBRfe6tQMjSc0uqgLj0KcAEiwjVlDsQvryzU-Uo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea930211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 14:55:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9e35a96c9790e4fd90919d00dc5f8b09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=xeHvCQ==, md5=njWpbJeQ5P2QkZ0A3F+LCQ==
x-goog-generation: 1652453738786524
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 422
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:35:28 GMT

GET
H2 200 chunk-57DNK6NM.min.js Show response
app.gitbook.com/public/app/chunks/ 2 KB
5 KB 136ms
128ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/public/app/chunks/chunk-57DNK6NM.min.js

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

c3e85a72e22906189591225fc051e876891672f1b023f70eb3abbedd01a2a222

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.gitbook.com/public/app/public-HXXIVPUP.min.js?v=10.9.111-f29d6c373ea4bd66e43ff585ad910f0a664d4cc1-2540985975
Origin: https://www.wr3nch0x1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdtWws45l-bWJjfZjvD_xa5IwQLHOhZfevMV9SRQCHPLMG89z6AiU9qEg2ZtiBPT2mNqv6DATTfbT5a3ou8h7aA17Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
cf-ray: 72073c4eea950211-ZRH
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 14:55:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"de77cc507ec65bb2e8355d4a04308d5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=BBO7ag==, md5=3nfMUH7GW7LoNV1KBDCNXA==
x-goog-generation: 1652453738776494
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 1705
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
content-type: application/javascript
expires: Sat, 24 Jun 2023 17:32:24 GMT

GET
H2 200 __session Show response
app.gitbook.com/ 52 B
4 KB 227ms
226ms Fetch
application/json 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/__session?proposed=c8738979-f256-4c77-b6e7-8aaff46f8481R

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-B6GXSXN7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

d4bd8762176bf436916dce515168af7bd7b00a0f3b26c012ca8873573af45cd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com https://.logrocket.io https://.lr-ingest.io https://.logrocket.com https://.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-magic-hash: 09f5cc8f073619f0b07b1c5c028ff578910727041fa67ad8efd75555e04ff39b
x-powered-by: GitBook
x-cache: MISS
x-release: gitbook-x-prod-10.9.111
vary: Origin, Accept-Encoding
access-control-allow-origin: https://www.wr3nch0x1.com
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"34-sDPWDRni2POBdlTJz4n8nr9EUc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
via: no cache
x-cloud-trace-context: 616f96cd589d99f6d31370768cfeada5
cache-control: private
access-control-allow-credentials: true
function-execution-id: 7fmsb2lxdidn
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com https://*.logrocket.io https://*.lr-ingest.io https://*.logrocket.com https://*.lr-in.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://cdn.lr-in.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.111;
cf-ray: 72073c5309d60204-ZRH
expires: Fri, 24 Jun 2022 17:38:11 GMT

POST
H2 200 / Show response
o1000929.ingest.sentry.io/api/5960429/envelope/ 2 B
279 B 38ms
9ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o1000929.ingest.sentry.io/api/5960429/envelope/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_version=7

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-B6GXSXN7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.wr3nch0x1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.wr3nch0x1.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 rest Show response
firestore.googleapis.com/$discovery/ 48 KB
8 KB 57ms
22ms Fetch
application/json 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/$discovery/rest

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-B6GXSXN7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a09d91cee60a78fd1c08521332a4a18ccfb004558214b410681538bf5ad393a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.wr3nch0x1.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 8098
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=UA-163130692-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2002
date: Fri, 24 Jun 2022 17:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 24 Jun 2022 19:04:49 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2141839352&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wr3nch0x1.com%2Fcode-injection%2Ft1038-dll-hijacking-injection&ul=en-us&de=UTF-8&dt=T1038%3A%20DLL%20Hijacking%20%2F%20Injection%20-%20wr3nch0x1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=225865863&gjid=1850981176&cid=917680078.1656092291&tid=UA-163130692-1&_gid=900546576.1656092291&_r=1&gtm=2ou6m0&z=86790023

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-B6GXSXN7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wr3nch0x1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
app.gitbook.com/__amp/ 7 B
194 B 234ms
234ms XHR
text/html 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/__amp/

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-B6GXSXN7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=15768000
trace-id: Root=1-62b5f683-4b365fe22ec2cc0b4ad9e713
cf-ray: 72073c558d030211-ZRH
content-length: 7

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 favicon.ico
attack.mitre.org/theme/ 6 KB
7 KB 59ms
18ms Image
image/vnd.microsoft.icon 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/theme/favicon.ico
Requested by: Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 954182ac30724d6ba9b75332a189a4f8b851286320a11485190ecf10f092dc23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-fastly-request-id: 6682e12fcc9630f1d74344965046114d637213b5
date: Fri, 24 Jun 2022 17:38:11 GMT
via: 1.1 varnish
age: 534
x-cache: HIT
content-length: 6518
x-served-by: cache-mxp6983-MXP
last-modified: Wed, 25 May 2022 03:01:31 GMT
server: GitHub.com
x-github-request-id: 196C:CAF5:BA018:F59AC:62B5BC7F
x-timer: S1656092291.499385,VS0,VE1
etag: "628d9c0b-1976"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
expires: Fri, 24 Jun 2022 13:40:39 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 favicon.ico
owasp.org/www--site-theme/ 4 KB
6 KB 149ms
110ms Image
image/vnd.microsoft.icon 2606:4700:10::ac43:a27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://owasp.org/www--site-theme/favicon.ico

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:a27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / RankSense/CW

Resource Hash

3d0d321afa7acfbbc0243bd8aa26ae79d91f9ab8560ffa5a2e76152f37499479

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://api.github.com https://.githubusercontent.com https://.google-analytics.com https://owaspadmin.azurewebsites.net https://.twimg.com https://platform.twitter.com https://www.youtube.com https://.doubleclick.net; frame-ancestors 'self'; frame-src https://.vuejs.org https://.stripe.com https://.wufoo.com https://.sched.com https://.google.com https://.twitter.com https://www.youtube.com https://w.soundcloud.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com https://app.diagrams.net https://cdnjs.cloudflare.com https://cse.google.com https://.vuejs.org https://.stripe.com https://.wufoo.com https://.youtube.com https://.meetup.com https://.sched.com https://.google-analytics.com https://unpkg.com https://buttons.github.io https://www.google.com https://.gstatic.com https://.twitter.com https://.twimg.com; style-src 'self' 'unsafe-inline' https://.gstatic.com https://cdnjs.cloudflare.com https://www.google.com https://fonts.googleapis.com https://platform.twitter.com https://.twimg.com data:; font-src 'self' fonts.gstatic.com; manifest-src 'self' https://pay.google.com; img-src 'self' https://.globalappsec.org data: www.w3.org https://licensebuttons.net https://img.shields.io https://.twitter.com https://github.githubassets.com https://.twimg.com https://platform.twitter.com https://.githubusercontent.com https://.vercel.app https://.cloudfront.net https://.coreinfrastructure.org https://.securityknowledgeframework.org https://badges.gitter.im https://travis-ci.org https://api.travis-ci.org https://s3.amazonaws.com https://snyk.io https://coveralls.io https://requires.io https://github.com https://.googleapis.com https://.google.com https://*.gstatic.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://api.github.com https://*.githubusercontent.com https://*.google-analytics.com https://owaspadmin.azurewebsites.net https://*.twimg.com https://platform.twitter.com https://www.youtube.com https://*.doubleclick.net; frame-ancestors 'self'; frame-src https://*.vuejs.org https://*.stripe.com https://*.wufoo.com https://*.sched.com https://*.google.com https://*.twitter.com https://www.youtube.com https://w.soundcloud.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com https://app.diagrams.net https://cdnjs.cloudflare.com https://cse.google.com https://*.vuejs.org https://*.stripe.com https://*.wufoo.com https://*.youtube.com https://*.meetup.com https://*.sched.com https://*.google-analytics.com https://unpkg.com https://buttons.github.io https://www.google.com https://*.gstatic.com https://*.twitter.com https://*.twimg.com; style-src 'self' 'unsafe-inline' https://*.gstatic.com https://cdnjs.cloudflare.com https://www.google.com https://fonts.googleapis.com https://platform.twitter.com https://*.twimg.com data:; font-src 'self' fonts.gstatic.com; manifest-src 'self' https://pay.google.com; img-src 'self' https://*.globalappsec.org data: www.w3.org https://licensebuttons.net https://img.shields.io https://*.twitter.com https://github.githubassets.com https://*.twimg.com https://platform.twitter.com https://*.githubusercontent.com https://*.vercel.app https://*.cloudfront.net https://*.coreinfrastructure.org https://*.securityknowledgeframework.org https://badges.gitter.im https://travis-ci.org https://api.travis-ci.org https://s3.amazonaws.com https://snyk.io https://coveralls.io https://requires.io https://github.com https://*.googleapis.com https://*.google.com https://*.gstatic.com
content-encoding: br
age: 19
x-served-by: cache-fra19160-FRA
referrer-policy: same-origin
x-github-request-id: E692:6623:EFD1A:FA78D:62B227A7
x-timer: S1655842976.610473,VS0,VE1
x-frame-options: SAMEORIGIN
etag: W/"62b22700-e6b"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: max-age=14400
x-cache-hits: 1
x-fastly-request-id: d7df1f74f51b452d3341a6fc9eb8150c29eb6e8a
x-rs-cf-app-version: 1.0.45
date: Fri, 24 Jun 2022 17:38:11 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: RankSense/CW
x-cache: HIT
server: cloudflare
last-modified: Tue, 21 Jun 2022 20:16:00 GMT
x-rs-changes-amount: url_is_excluded
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
expires: Fri, 24 Jun 2022 17:05:47 GMT
permissions-policy: geolocation=(self)
cf-ray: 72073c55df090229-ZRH
x-origin-processing-time: 16.0000
x-proxy-cache: HIT

GET
H2 200 favicon.ico
docs.microsoft.com/ 17 KB
17 KB 121ms
21ms Image
image/x-icon 2a02:26f0:1700:1b0::353e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.microsoft.com/favicon.ico

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:1b0::353e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length: 17174
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 06 Jun 2022 02:30:56 GMT
x-datacenter: wus
date: Fri, 24 Jun 2022 17:38:11 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type: image/x-icon
cache-control: public, max-age=552479
etag: "0x8DA476495C2BB0B"
akamai-cache-status: Hit from child
request-context: appId=cid-v1:b1c5b6ea-7ff0-41d3-9862-84c5e1dc3be7
expires: Fri, 01 Jul 2022 03:06:10 GMT

GET
H2 200 favicon.png
www.offensive-security.com/wp-content/themes/OffSec/ 774 B
1 KB 29ms
6ms Image
image/png 192.124.249.5
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offensive-security.com/wp-content/themes/OffSec/favicon.png

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.5 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10005.sucuri.net

Software

nginx /

Resource Hash

18d8ad50b8569797b56e976768dd2c0fbd5201e072d08eb7523f00164a734c5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
vary: User-Agent
content-length: 774
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Oct 2019 21:12:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 15005
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=2141839352&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wr3nch0x1.com%2Fcode-injection%2Ft1038-dll-hijacking-injection&dp=%2Fcode-injection%2Ft1038-dll-hijacking-injection&ul=en-us&de=UTF-8&dt=T1038%3A%20DLL%20Hijacking%20%2F%20Injection%20-%20wr3nch0x1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAC~&jid=&gjid=&cid=917680078.1656092291&tid=UA-163130692-1&_gid=900546576.1656092291&gtm=2ou6m0&gcs=G111&z=1950345657

Requested by

Host: www.wr3nch0x1.com
URL: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 20:44:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75195
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
95 B 166ms
152ms Fetch
text/plain 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fgitbook-x-prod%2Fdatabases%2F(default)&VER=8&RID=58017&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F9.8.1%0D%0AContent-Type%3Atext%2Fplain%0D%0AX-Firebase-GMPID%3A1%3A958285583043%3Aweb%3A9c80475faa8bc9f9cb0876%0D%0A&zx=cw73nkdhf2q7&t=1

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-B6GXSXN7.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c53bf45a3ec4ae6e0d0118d6186d6ea8c8978bbd0f831f6f7f3c256f83418f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Jun 2022 17:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.wr3nch0x1.com
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: ZvdIqUPokFM5nHd9u-nFpU2xiQz2lzivsafxO6sBPn4

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 57 KB
0 644ms
643ms Fetch
text/plain 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fgitbook-x-prod%2Fdatabases%2F(default)&gsessionid=ZvdIqUPokFM5nHd9u-nFpU2xiQz2lzivsafxO6sBPn4&VER=8&RID=rpc&SID=lm6SyrZRVTH493PhFz29lA&CI=0&AID=0&TYPE=xmlhttp&zx=dt3g5oq2mzuc&t=1

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-B6GXSXN7.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.wr3nch0x1.com
cache-control: private, max-age=0
access-control-allow-credentials: true
vary: Referer, origin
x-xss-protection: 0

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 119ms
119ms Fetch
text/plain 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fgitbook-x-prod%2Fdatabases%2F(default)&VER=8&gsessionid=ZvdIqUPokFM5nHd9u-nFpU2xiQz2lzivsafxO6sBPn4&SID=lm6SyrZRVTH493PhFz29lA&RID=58018&AID=22&zx=t20l7m47bz7x&t=1

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-B6GXSXN7.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d63a74928d809f1cda3cc52c16f1a2440f0416d662213f61d84316687f64c0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Jun 2022 17:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.wr3nch0x1.com
vary: origin
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 185ms
185ms Fetch
text/plain 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-B6GXSXN7.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4d5e0d1e224191c6afad5fe739d95d288812f5be42a3045494c1ec82b0d3ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.wr3nch0x1.com/code-injection/t1038-dll-hijacking-injection
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Jun 2022 17:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.wr3nch0x1.com
vary: origin
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wr3nch0x1.com/	1970-01-25 12:04:19	Name: __cuid Value: feac92ed3b124d20b85f3354a38eed08
.wr3nch0x1.com/	1970-01-20 21:32:44	Name: _ga Value: GA1.2.917680078.1656092291
.wr3nch0x1.com/	1970-01-20 04:02:58	Name: _gid Value: GA1.2.900546576.1656092291
.wr3nch0x1.com/	1970-01-20 04:01:32	Name: _gat_gtag_UA_163130692_1 Value: 1
.gitbook.com/	1970-01-23 19:41:51	Name: __session Value: c8738979-f256-4c77-b6e7-8aaff46f8481R
.wr3nch0x1.com/	1970-01-20 12:47:08	Name: amp_fef1e8 Value: c8738979-f256-4c77-b6e7-8aaff46f8481R...1g6bcls6v.1g6bclsb7.1.0.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https:; default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; img-src data: * blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; font-src app.gitbook.com js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com ; form-action api-iam.intercom.io intercom.help; media-src .intercomcdn.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4250176955-files.gitbook.io
app.gitbook.com
attack.mitre.org
cdn.iframe.ly
cdn.polyfill.io
docs.microsoft.com
firestore.googleapis.com
o1000929.ingest.sentry.io
owasp.org
www.gitbook.com
www.google-analytics.com
www.googletagmanager.com
www.offensive-security.com
www.wr3nch0x1.com
13.32.27.91
192.124.249.5
2606:4700:10::ac43:a27
2606:4700::6812:191
2606:4700::6812:86f
2606:4700::6812:91
2606:50c0:8000::153
2a00:1450:4001:811::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a02:26f0:1700:1b0::353e
2a04:4e42::282
34.120.195.249
04beb72743c48f951047c3f14310974cc79293d7de2861b44052497d08ae7fc5
12a794daad1cec4f1d56ac5be150571ce00a621ab4ad1ff45fa8742352752e45
142dda220b464de17ccaa3949b42543c6488ede54423361364bffb67ec054a2b
14824a3eeadb2d953b1b31181478c8679cd95dc7fa51c4c1cf6f9af994834d98
1588e257d5d5d137bdf245d5d1e6e9e89a7393e411feab9fcb28eba9fa615779
18d8ad50b8569797b56e976768dd2c0fbd5201e072d08eb7523f00164a734c5d
1ae13729ae127fb186318324404454df39447e3807f86bcd8d45320de6c3e710
288e63ffa962480d3ff4e2f209b70fddca1cb2ee7f53a58ca4232a5de07e3a0e
2d9592332cec1601c89ba5a3dca8ff3928ad270a1842926ab28d9b24575ff165
2e9516397b60a1f72e680cd614eeae501cc05e8336b41677f6ddcf7ca91ce87b
2fc43de0b7192ea8d141166fd138508b806a7742a19d60d376717d299249a721
37214c561baf0573f6191fb98d580111a509fc5f2e1277fcc48c643434962760
391798381365eae6431d5301789e74ae40318b5a909f6732710c938f709dd15b
3b571458e02fa5102fa3f6eb40dc8652bf9945315266d2deafd0dcdf0ac4571c
3d0d321afa7acfbbc0243bd8aa26ae79d91f9ab8560ffa5a2e76152f37499479
3e383bd6d36a8a4c53d4df0c2d2e25c0373e571524a351f32aa28f47abde794f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4527b523271b31ea23e2241eaa32be773ae97e2100a4cde9c4ea807f5bdf345e
474219c4838734328bacdf2229ee7aa9b960e1e22b36aa0b2440dee68b7ded93
477d98776c08c7e164fbeb5eb13e31ec366343e8862339d117501fe30a466b8b
4a505bd87e5188ba1e2cc5095cd40287bc7494c47e06c809e87ae3368e4519e7
5d052530c0238ae4aefeb70bf0ad7deea5141fac18d03f73ed191ec8bb2edecb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73971d2e544090ece7946c253f97ad012433034112729f30460561f1b3f3baa4
7b5b074c25c1d039522ee6547e09a1767c2621b80f559a938d43804750eabdb6
7f48c1d188c855cf737242beac652edbbc723d0a44949d05cd8876a74a9304c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8789224140397e0644f8d3daf8aaa2733d8a357be81b239188de34b81b3cb11c
886d2ff49d24e24776074fe0a2e84450c6ffe42262cba890f073e4e90d982c87
8be2edcbae84d5edd53e879a9a8d6c58a8eea966820ac287c0275a9698495518
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
91edc14c712c0f1f64767c76dc267782a71d64eef6a3fa0b78e3550b67031f7f
954182ac30724d6ba9b75332a189a4f8b851286320a11485190ecf10f092dc23
96c788d4ea050c0546b7ee31748da4f4dd37c98bd559d61101f67db774523e88
99b06c0121019e577fbeb61926a76ab064ebf04641e17b3f3cdd31c5bfada827
a09d91cee60a78fd1c08521332a4a18ccfb004558214b410681538bf5ad393a9
a0d99ac5405f1a2d4e1e0e8acbbab8c00d7f951e534e86de63b6c71a3d763a3e
a142a86af7587c36981e01defd855593cf401f89ea81022b9052e2c9dd95eda1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9181efb23e405a5ae51f5eb9ed17564496ab30195bfa13ecb923460d8a92300
abe67ac80a18e468ba4e9fc2138ddf670e168fb92b38ed1e71da54eecd420d9d
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b37d775bb347246729d437f266c2dfcd705a9171580f6149ab673b10a3500367
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0e7565b8afa0f706b391aa6f09e8991042c8dc0bba2743981ad77950212948a
c3e85a72e22906189591225fc051e876891672f1b023f70eb3abbedd01a2a222
c53bf45a3ec4ae6e0d0118d6186d6ea8c8978bbd0f831f6f7f3c256f83418f0c
c63de90cc4102009161332d7ddee8d972693c776e040e237e4f369f8f87679a5
c7ab45318f970a0f9a86175b4747a3ed97ab505af471d6e9988b3fde688afb4a
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cc85ca1807422f0603716b43ec3f6544ae0a2f395bee02ad3eeb000c2a2aaf86
cf3a427212e99976f24973f5d6f27470523c432095f5d138f6f1482a3be5972e
d4bd8762176bf436916dce515168af7bd7b00a0f3b26c012ca8873573af45cd7
d4d5e0d1e224191c6afad5fe739d95d288812f5be42a3045494c1ec82b0d3ae0
d63a74928d809f1cda3cc52c16f1a2440f0416d662213f61d84316687f64c0fb
e18ef245415a492b8598e2bfc78730ac92fff7d40a2d43ab097eb92cbf78b29a
e30b1c91012dbe8653ed9a767fdf9d78cce4058a00fa66603fd498071c39b870
e614ffcc7e88a0d1d6bece8c5c5cbb527d5c9e48f33c6ab4f7e32d73af0bd61f
ec783284db8c7302b4a29ef3594adf81bba2d35cf82d6149f733bd5a9d8e6da1
f13eed15e949fc5aec4991e75d0a108e4657c0b66d78c4497b20e6dc1e918869
f862f11b9df5603a87c7935660aab36499f1f7dcc52099a6b722a644f8114841
fa77b465b0f87b7c5135a79fc441a158a3903247b5982fff3cbeb56091349e6c
fd513e39886c49bf545dfbb175c2d60ec44fd1d04569d2952b9a2a0123709397

www.wr3nch0x1.com Open in urlscan Pro 2606:4700::6812:191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

77 %IPv6

13 Domains

14 Subdomains

14 IPs

2 Countries

2979 kBTransfer

6695 kBSize

6 Cookies

20 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wr3nch0x1.com Open in urlscan Pro
2606:4700::6812:191 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

77 %
IPv6

13
Domains

14
Subdomains

14
IPs

2
Countries

2979 kB
Transfer

6695 kB
Size

6
Cookies

63 HTTP transactions
1 data transactions