pentester.land Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pentester.land/writeups/
Submission: On July 14 via manual (July 14th 2023, 4:50:57 pm UTC) from IN — Scanned from NL

Summary HTTP 16 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is pentester.land.
TLS certificate: Issued by R3 on June 28th 2023. Valid for: 3 months.

This is the only time pentester.land was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:335d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	5

12 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

pentester.land	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:335d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	pentester.land pentester.land	602 KB
2	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 5568	116 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1174	7 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433	31 KB
16	4

	Domain	Requested by
12	pentester.land	pentester.land ajax.googleapis.com static.cloudflareinsights.com
2	cdn.datatables.net	pentester.land
1	static.cloudflareinsights.com	pentester.land
1	ajax.googleapis.com	pentester.land
16	4

This site contains links to these domains. Also see Links.

Domain
github.com
twitter.com
go.intigriti.com
zxsecurity.co.nz
medium.com
labs.withsecure.com
research.aurainfosec.io
portswigger.net
d4ly.medium.com
herolab.usd.de
www.rapid7.com
dimazarno.medium.com
devco.re
mizu.re
www.ghostccamm.com
www.securityjoes.com
www.sonarsource.com
www.synacktiv.com
obmiblog.blogspot.com
cristivlad.medium.com
www.shielder.com
code-white.com
blog.projectdiscovery.io
www.wojciechregula.blog
bhavukjain.com
kuldeep.io
blog.takemyhand.xyz
offsec.almond.consulting
www.klogixsecurity.com
blog.assetnote.io
labs.hakaioffsec.com
www.legitsecurity.com
blog.silentsignal.eu
medium.themayor.tech
neupanemizzle.medium.com
sudhanshukashyap123.medium.com
www.ns-echo.com
www.interruptlabs.co.uk
x64.sh
redmaple.tech
www.rcesecurity.com
blog.prodefense.io
security.lauritz-holtmann.de
www.pmnh.site

Subject Issuer	Validity	Valid
pentester.land R3	`2023-06-28` - `2023-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pentester.land/writeups/
Frame ID: EC0CE8A2224F34D5CE94811ADE6B52D3
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Writeups - Pentester Land

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

756 kB
Transfer

3908 kB
Size

0
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/pentesterland/
Title: GitHub

Search URL Search Domain Scan URL

URL: https://twitter.com/PentesterLand
Title: Twitter

Search URL Search Domain Scan URL

URL: https://go.intigriti.com/plwebsite
Title: Click here to join the Intigriti community

Search URL Search Domain Scan URL

URL: https://zxsecurity.co.nz/research/advisories/race-condition-asp-net-core-signinmanager/
Title: Security Feature Bypass In ASP.NET and Visual Studio – Race Condition

Search URL Search Domain Scan URL

URL: https://medium.com/@abdulparkar9554/story-of-clickjacking-in-microsoft-leads-to-privilege-escalation-account-takeover-of-admin-a04453ed47fc
Title: Story of Clickjacking on Microsoft Leads To Privilege Escalation & Account Takeover Of Admin

Search URL Search Domain Scan URL

URL: https://labs.withsecure.com/publications/executing-arbitrary-code-executables-in-read-only-filesystems
Title: Executing Arbitrary Code & Executables in Read-Only FileSystems

Search URL Search Domain Scan URL

URL: https://research.aurainfosec.io/pentest/bee-yond-capacity/
Title: Bee-yond Capacity: Unauthenticated RCE in Extreme Networks/Aerohive Wireless APs - CVE-2023-35803

Search URL Search Domain Scan URL

URL: https://portswigger.net/research/exploiting-xss-in-hidden-inputs-and-meta-tags?pk_source=portswiggerres&pk_medium=social&pk_campaign=psres
Title: Exploiting XSS in hidden inputs and meta tags

Search URL Search Domain Scan URL

URL: https://d4ly.medium.com/an-interesting-rce-on-a-synack-red-team-target-516edb63fd04
Title: An interesting RCE on a Synack Red Team target!

Search URL Search Domain Scan URL

URL: https://herolab.usd.de/en/critical-foswiki-vulnerablities-a-logic-error-turned-remote-code-execution/
Title: Critical Foswiki Vulnerablities: A Logic Error Turned Remote Code Execution

Search URL Search Domain Scan URL

URL: https://www.rapid7.com/blog/post/2023/07/11/cve-2023-29298-adobe-coldfusion-access-control-bypass/
Title: CVE-2023-29298: Adobe ColdFusion Access Control Bypass

Search URL Search Domain Scan URL

URL: https://dimazarno.medium.com/unexpected-zero-in-mysql-injection-511f632714b0
Title: Unexpected Zero in MySQL Injection

Search URL Search Domain Scan URL

URL: https://devco.re/blog/2023/07/07/a-journey-into-hacking-google-search-appliance-en/
Title: [REL] A Journey Into Hacking Google Search Appliance

Search URL Search Domain Scan URL

URL: https://mizu.re/post/linux-local-electron-application-script-src-self-bypass#final_bypass
Title: Linux local electron application script-src: self bypass

Search URL Search Domain Scan URL

URL: https://www.ghostccamm.com/blog/multi_cockpit_vulns/
Title: Multiple Vulnerabilities In Cockpit CMS <= V2.5.2

Search URL Search Domain Scan URL

URL: https://www.securityjoes.com/post/process-mockingjay-echoing-rwx-in-userland-to-achieve-code-execution
Title: Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution

Search URL Search Domain Scan URL

URL: https://www.sonarsource.com/blog/why-orms-and-prepared-statements-cant-always-win/
Title: Why ORMs and Prepared Statements Can't (Always) Win

Search URL Search Domain Scan URL

URL: https://www.synacktiv.com/sites/default/files/2023-06/synacktiv-ucopia-multiple-vulnerabilities-2022.pdf
Title: Multiple vulnerabilities in UCOPIA <= 6.0.7 (CVE-2022-44719 / CVE-2022-44720)

Search URL Search Domain Scan URL

URL: https://obmiblog.blogspot.com/2022/12/gcp-2022-few-bugs-in-google-cloud-shell.html
Title: [ GCP 2022 ] Few bugs in the google cloud shell

Search URL Search Domain Scan URL

URL: https://cristivlad.medium.com/account-of-the-ceo-takeover-via-password-reset-7e55c0175425
Title: Account (of the CEO) Takeover via Password Reset

Search URL Search Domain Scan URL

URL: https://www.shielder.com/blog/2023/07/aws-codebuild--s3-privilege-escalation/
Title: AWS CodeBuild + S3 == Privilege Escalation

Search URL Search Domain Scan URL

URL: https://code-white.com/blog/2023-07-from-blackbox-dotnet-remoting-to-rce/
Title: From Blackbox .NET Remoting to Unauthenticated Remote Code Execution

Search URL Search Domain Scan URL

URL: https://blog.projectdiscovery.io/moveit-transfer-sql-injection/
Title: CVE-2023-36934 Analysis: MOVEit Transfer SQL Injection

Search URL Search Domain Scan URL

URL: https://www.wojciechregula.blog/post/macos-atlassian-companion-rce/
Title: macOS Atlassian Companion Remote Code Execution

Search URL Search Domain Scan URL

URL: https://bhavukjain.com/blog/2023/07/08/account-takeover-custom-otp/
Title: Account Takeover via Custom OTP, No User Interaction Required!

Search URL Search Domain Scan URL

URL: https://kuldeep.io/posts/fulldisclosure-dom-based-xss/
Title: Full Disclosure - DOM-based XSS And Failures In Bug Bounty Hunting

Search URL Search Domain Scan URL

URL: http://blog.takemyhand.xyz/2023/07/remote-code-execution-in-gitlabs-cli.html
Title: RCE In GitLab's CLI Tool

Search URL Search Domain Scan URL

URL: https://offsec.almond.consulting/windows-msiexec-eop-cve-2020-0911.html
Title: Windows Installer arbitrary content manipulation Elevation of Privilege (CVE-2020-0911)

Search URL Search Domain Scan URL

URL: https://medium.com/@0utlawh4ck3r/story-of-my-first-rce-9d74373fbc11
Title: Story Of My First RCE :)

Search URL Search Domain Scan URL

URL: https://www.klogixsecurity.com/scorpion-labs-blog/chaining-for-critical-unauthorized-to-cloud-administrator
Title: Chaining for Critical: Unauthorized to Cloud Administrator

Search URL Search Domain Scan URL

URL: https://blog.assetnote.io/2023/07/04/citrix-sharefile-rce/
Title: Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489)

Search URL Search Domain Scan URL

URL: https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/adselfpwnplus/adselfpwnplus.md
Title: Pulling SYSTEM out of Windows GINA

Search URL Search Domain Scan URL

URL: https://medium.com/pinoywhitehat/getting-email-address-of-any-hackerone-user-worth-7-500-afb8076ee395
Title: Getting email address of any HackerOne user worth $7,500

Search URL Search Domain Scan URL

URL: https://www.synacktiv.com/sites/default/files/2023-07/synacktiv-phplist-partial-file-read.pdf
Title: Partial File Read in phpList <= 3.6.12 (CVE-2023-35834)

Search URL Search Domain Scan URL

URL: https://labs.hakaioffsec.com/nginx-alias-traversal/
Title: Hunting for Nginx Alias Traversals in the wild

Search URL Search Domain Scan URL

URL: https://www.legitsecurity.com/blog/-how-we-found-another-github-action-environment-injection-vulnerability-in-a-google-project
Title: How We Found Another GitHub Action Environment Injection Vulnerability in a Google Project

Search URL Search Domain Scan URL

URL: https://blog.silentsignal.eu/2023/07/03/ibm-i-dde-vulnerability-cve-2023-30990/
Title: Technical Details of CVE-2023-30990 - Unauthenticated RCE in IBM i DDM Service

Search URL Search Domain Scan URL

URL: https://medium.themayor.tech/domain-takeover-without-domain-admin-permissions-28a7bd330501
Title: Domain Takeover Without Domain Admin Permissions

Search URL Search Domain Scan URL

URL: https://neupanemizzle.medium.com/server-side-template-injection-leading-to-rce-on-google-vrp-75f0a4bc6ebc
Title: Server-side Template Injection Leading to RCE on Google VRP

Search URL Search Domain Scan URL

URL: https://sudhanshukashyap123.medium.com/chaining-self-blind-xss-with-broken-access-control-to-make-it-non-self-blind-xss-626a70c8bbc7
Title: Chaining Self Blind XSS with Broken Access Control To Make it Non Self Blind XSS

Search URL Search Domain Scan URL

URL: https://www.ns-echo.com/posts/cve_2023_33298.html
Title: CVE-2023-33298 - Perimeter81 Local Privilege Escalation

Search URL Search Domain Scan URL

URL: https://www.interruptlabs.co.uk/articles/pwn2own-2022-hp-printer
Title: Exploiting the HP Printer without the printer (Pwn2Own 2022)

Search URL Search Domain Scan URL

URL: https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin/
Title: ServiceNow Insecure Access Control To Full Admin Takeover

Search URL Search Domain Scan URL

URL: https://github.com/firsov/onlyoffice/blob/main/CVE-2023-34939-PoC.md
Title: RCE via Path Traversal vulnerability in Onlyoffice CommunityServer < 12.5.2 (CVE-2023-34939)

Search URL Search Domain Scan URL

URL: https://redmaple.tech/blogs/2023/extract-bitwarden-vault-passwords/
Title: Hunting for Bitwarden master passwords stored in memory

Search URL Search Domain Scan URL

URL: https://www.rcesecurity.com/2023/07/patch-diffing-cve-2023-28121-to-compromise-a-woocommerce/
Title: Patch Diffing CVE-2023-28121 to Compromise a WooCommerce

Search URL Search Domain Scan URL

URL: https://blog.prodefense.io/how-abusing-aws-cloudformation-led-to-a-total-takeover-of-an-aws-environment-7f94cabd671d
Title: How Abusing AWS CloudFormation Led to a Total Takeover of an AWS Environment

Search URL Search Domain Scan URL

URL: https://medium.com/@nguhuynh.148/how-did-i-get-200-with-wordpress-vulnerability-4ce80f106709
Title: How did I get 200$ with WordPress vulnerability!!!

Search URL Search Domain Scan URL

URL: https://medium.com/@M0X0101/how-i-was-able-to-get-account-takeover-via-insecure-data-storage-and-webview-with-exported-activity-5308a330ab80
Title: How i was able to get Account Takeover via Insecure Data Storage and WebView With Exported Activity

Search URL Search Domain Scan URL

URL: https://security.lauritz-holtmann.de/post/csti-xss-sso-gadget-chain/
Title: SSO Gadgets II: Unauthenticated Client-Side Template Injection to Account Takeover using SSO Gadget Chain

Search URL Search Domain Scan URL

URL: https://medium.com/@jonathanbouman/laravel-debug-mode-left-on-at-zouikwatzeggen-nl-948a7365409f
Title: Laravel debug mode left on at Zouikwatzeggen.nl leaks admin credentials & potentially submitted reports of improper behaviour at Amsterdam University Medical Centers

Search URL Search Domain Scan URL

URL: https://medium.com/@amolbhavar/how-i-get-1000-bounty-for-discovering-account-takeover-in-android-application-3c4f54fbde39
Title: How I get 1000$ bounty for Discovering Account Takeover in Android Application

Search URL Search Domain Scan URL

URL: https://www.pmnh.site/post/witeup_lhe_graphql_stored_xss/
Title: Bug Writeup: Stored XSS to Account Takeover (ATO) via GraphQL API

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pentester.land/writeups/ 22 KB
7 KB 152ms
42ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pentester.land/writeups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

147f992cfc7ebe8436379c342e7043620f102b026e9d82e4a0ac7e5f08669c2d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 69351
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: HIT
cf-ray: 7e6b44613b49b8f7-AMS
content-encoding: br
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
content-type: text/html; charset=utf-8
date: Fri, 14 Jul 2023 16:50:51 GMT
feature-policy: geolocation 'self'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmhhJMC%2BGyIupp8xJ9gSFys0EK1NEK79QEmDVj3RJ7hRug2RSGwsD9PZ5L0ZXjOfktTLeXYbsXKrKxoxjnsJJNA%2B7LjMQaDzqL0F7fzGLa7pox7Kg%2FCi6BWsH%2FZbIJC31g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 jost-v4-latin-regular.woff2
pentester.land/fonts/vendor/jost/ 9 KB
9 KB 40ms
38ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pentester.land/fonts/vendor/jost/jost-v4-latin-regular.woff2

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ec88467d03e77c12b2583965e33f2f92bdd0ae916dd04f5a4a0d09c7ed21e9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentester.land/
Origin: https://pentester.land
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 184816
alt-svc: h3=":443"; ma=86400
content-length: 8864
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
etag: "c66d6bf64b2951a3498e3148e578a628"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IWnnzfxRd%2Byu3V91kyjowEP1Jsz9YSx6Q6x7EUn2x9zh7aCgY4FV%2BueLBpxIz3ANOP1TOjufrwRgeC6KCK2ZaDgtORzWxUJSmkFe1OhZy4zxBvKjGZEgbRA0cMMNEMPJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: geolocation 'self'
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7e6b44618be2b8f7-AMS

GET
H2 200 jost-v4-latin-500.woff2
pentester.land/fonts/vendor/jost/ 10 KB
10 KB 37ms
36ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pentester.land/fonts/vendor/jost/jost-v4-latin-500.woff2

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd98748755ec9560f8bf9731a17f3ae1e3be2268d1c3d5c02aff4450c52eb5c7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentester.land/
Origin: https://pentester.land
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 37864
alt-svc: h3=":443"; ma=86400
content-length: 9828
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
etag: "c9269c2fa9c97cee31cd47101a3477fd"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mq9ffRgWzfzqNRGZP9%2Brq10Qp8yukorGttGPPoZ6oXkfMAfrn2g0K%2BjMoaKtir8cJP7H0fhJ9nYx7qXZ4dgsXC4FelybaHkGciRghSa3TLZkVi2iQl%2FxyXZKYJ99lhqyEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: geolocation 'self'
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7e6b44618be6b8f7-AMS

GET
H2 200 jost-v4-latin-700.woff2
pentester.land/fonts/vendor/jost/ 10 KB
10 KB 34ms
33ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pentester.land/fonts/vendor/jost/jost-v4-latin-700.woff2

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce08214c4185d69121e68d72a56e60f1c25ed5c57946908dd6e5eb99c88a635a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentester.land/
Origin: https://pentester.land
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 184816
alt-svc: h3=":443"; ma=86400
content-length: 9820
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
etag: "b3aaab617f31d1d45956b0056fae7f86"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsG%2FREmSPjv%2B8JkB4RagmxtKJxrb1LB8ktrRS4Ji4Nb%2FS2M1rPkZczyr7AstWKTEtbuqlhVvDc7iHJIh3RFNFUFS%2FKp4dWgodd%2F7y7jWbPJY8%2BV7JrAZHYOqAgCDRrLO1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: geolocation 'self'
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7e6b44618be7b8f7-AMS

GET
H2 200 main.8b6b56833bb9946f89513a9b39e5b1c3aa0c710b4dd0d52a0bfa3ba083deb713da7a4a20aa25be3c04c0ac48d151bd71013707eae0cd775ec563af41b6f46926.css
pentester.land/ 110 KB
21 KB 42ms
41ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pentester.land/main.8b6b56833bb9946f89513a9b39e5b1c3aa0c710b4dd0d52a0bfa3ba083deb713da7a4a20aa25be3c04c0ac48d151bd71013707eae0cd775ec563af41b6f46926.css

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2440ba0b961b6b11b370af0ed2306fd9fff2efa69686f92d4e42fb70b934cde

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentester.land/
Origin: https://pentester.land
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 37863
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
etag: W/"24abe5d2c76c17e867ddd31c180c6c56"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KLC40dZbFCdw5870dLVMXGGxzUYi9QzhmnB9qtKWfc5polxCMbUkbVMSH5RVsK9uz6jku7UjjFkeuntkHThKEVz0DTcQgiFgY7zuNHUhIyYJ4vBEsvenzhWsPuw%2B4dGRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: geolocation 'self'
vary: Accept-Encoding
cf-ray: 7e6b44618be4b8f7-AMS

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pentester.land/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 08:15:25 GMT

GET
H2 200 jquery.dataTables.css
cdn.datatables.net/1.12.1/css/ 21 KB
3 KB 124ms
37ms Stylesheet
text/css 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.12.1/css/jquery.dataTables.css

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebf8c0533dff0ea9b9060a066661e7d42c967da1ad3f52c1da742253ef651ce5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pentester.land/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 9781040
content-length: 2899
last-modified: Fri, 17 Mar 2023 09:19:45 GMT
server: cloudflare
etag: "11410cb-5239-5f71514058027-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7e6b44621e340b4c-AMS
access-control-allow-headers: origin, x-requested-with, content-type
expires: Fri, 22 Mar 2024 11:53:31 GMT

GET
H2 200 jquery.dataTables.js Show response
cdn.datatables.net/1.12.1/js/ 443 KB
113 KB 125ms
38ms Script
application/javascript 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.12.1/js/jquery.dataTables.js

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73246c8456348484d4dfb8360acc2ec567c024970d1ffe137b7c46b7dfa98d9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pentester.land/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 9330666
last-modified: Fri, 17 Mar 2023 09:19:45 GMT
server: cloudflare
etag: "11419bf-6ec13-5f71514058fc7-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
cf-ray: 7e6b44621e350b4c-AMS
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 27 Mar 2024 16:59:45 GMT

GET
H3 200 logo.svg
pentester.land/images/ 15 KB
6 KB 35ms
34ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentester.land/images/logo.svg

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d3aefc756ce182b859047749164d335dbce2c8e44cf04f349069616199a4835

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pentester.land/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 192356
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
etag: W/"73b849b54c74d3229a840ec53e2f53ce"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKAgSxp1cQwNue59gCwb7p3Bg8sh5DEZ%2FKdvA%2FsyLTxfxNKmW1JblbaJBOMKEsQhrNPTiHkwtaYdcghOWKBq6PIpLq6c5oduNf58603poMozXsCYvM6NKLL77ILd69VYeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: geolocation 'self'
vary: Accept-Encoding
cf-ray: 7e6b44628ecd0eae-AMS
priority: u=3,i

GET
H3 200 intigriti_iconlogo_landscape_NAVY.png
pentester.land/images/ 29 KB
29 KB 45ms
45ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentester.land/images/intigriti_iconlogo_landscape_NAVY.png

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3692e8e36d8553ee6008fb474eee0477eb8f649d94609c515d5665b78cdfc31

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pentester.land/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 192356
alt-svc: h3=":443"; ma=86400
content-length: 29342
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
etag: "f41fd32aa2252484eebb0d31b4c9d8f1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNkZoGfQNeeyINo86MF9A3Ax2TPII7wuixPfm5nNShZ1HeYvcs%2BxCAxT6OjYNM3Y3PDNWb4ZU9wCMTVdJtnXJtmxhpFrA6%2FT02yIZEJMs8pU2wH%2B4c69WcRJwA5bHfK42w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: geolocation 'self'
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7e6b4462aef60eae-AMS
priority: u=3,i

GET
H3 200 bootstrap.min.54bf0932b8a36d0e152b1635b099a6ef1394d35327e2437550a075c9c8ed1bd8aed5847c21b36fc02ed24014c031d9ca24017b0c78b1639d7e2fa8329898b842.js Show response
pentester.land/js/ 78 KB
24 KB 56ms
55ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pentester.land/js/bootstrap.min.54bf0932b8a36d0e152b1635b099a6ef1394d35327e2437550a075c9c8ed1bd8aed5847c21b36fc02ed24014c031d9ca24017b0c78b1639d7e2fa8329898b842.js

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c37552fecda8922a6fe77bc3ea11401a8ffc8c2aa6f4ecd9d0cfacace9ff4f5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentester.land/
Origin: https://pentester.land
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 17405
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
etag: W/"86d3bfdb8f9552a6e619114a059f0aec"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPx3pJOyeSlwL%2BbfQhRmJT1yixrz0F3Fy6cw%2FuREFOatLxEBxvVuZSLZCtCegF%2B71GZ2JxQnFGaW6Hf7c%2BD9RsGmEwYSa09Sl%2FkP9TIOUTAt%2Bhrle92wW2mEqjrTXyGCcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: geolocation 'self'
vary: Accept-Encoding
cf-ray: 7e6b4462bf0a0eae-AMS
priority: u=3,i=?0

GET
H3 200 highlight.min.0f6c84cad9ce723f37693f4d84941b2527f773c7e340ca9e5f2a95e196384659d13b3c46be12bfbe5b14329f2e2aa6c727d3680e6d33f0e8914ad463bc17fc84.js Show response
pentester.land/js/ 48 KB
18 KB 85ms
85ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pentester.land/js/highlight.min.0f6c84cad9ce723f37693f4d84941b2527f773c7e340ca9e5f2a95e196384659d13b3c46be12bfbe5b14329f2e2aa6c727d3680e6d33f0e8914ad463bc17fc84.js

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d374042dc4a6b523b96adbe0bfe5a00f5be103ead57d2cc7d40468d2f5192b4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentester.land/
Origin: https://pentester.land
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 17405
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
etag: W/"73a9d268cb0c1d1139a3aa6912255ddc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSryLe6ght11Hg%2BGLBDGcxXw1x3yuyDmx1Hwsm8JPt7WvT%2BMqrtURal6YnUKfq5XG5V2mO0%2Bs6I3l%2FZmyxyQEDy1LfeHUAVJLXMjcHvCvzE4GuHRQX%2FtevOchrvMos178w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: geolocation 'self'
vary: Accept-Encoding
cf-ray: 7e6b4462bf0c0eae-AMS
priority: u=3,i=?0

GET
H3 200 main.min.9dca0982b5ab665da737ca6255450dae5aecc7cd8cda743ecfe6d68825339198bf474d2e17197b5321019114601ebe128515db4816890fd2d11abf8fa3511e67.js Show response
pentester.land/ 22 KB
9 KB 86ms
85ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pentester.land/main.min.9dca0982b5ab665da737ca6255450dae5aecc7cd8cda743ecfe6d68825339198bf474d2e17197b5321019114601ebe128515db4816890fd2d11abf8fa3511e67.js

Requested by

Host: pentester.land
URL: https://pentester.land/writeups/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54919b3f6bda06855ac729452fadc6798afea83143ea316aa9059e9154682105

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentester.land/
Origin: https://pentester.land
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 17405
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
etag: W/"274db2bf5133af3a2c758c15b13d858e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7rd3KOfkoeenHRQsjXD9Vd5%2FqpgCksot3dLGD6i8mQVZL4zZZHub0MNNST2XVDG6EFES2LtH6UsFcyZCUBbJSNsUefZ%2BKWSoIUfeKlpsUPUwGN%2BMOhG1zIlPcfDSe0n1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: geolocation 'self'
vary: Accept-Encoding
cf-ray: 7e6b4462bf0e0eae-AMS
priority: u=3,i=?0

GET
H2 200 v2cb3a2ab87c5498db5ce7e6608cf55231689030342039 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 141ms
85ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Requested by: Host: pentester.land
URL: https://pentester.land/writeups/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67

Request headers

Referer: https://pentester.land/
Origin: https://pentester.land
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:52 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 23:05:42 GMT
server: cloudflare
etag: W/2023.7.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7e6b44631e1eb97b-AMS

GET
DATA 200
OK truncated
/ 264 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3d7918d8d43e652b28e3d659ad0cbd8884d65b628ab37ed945199fadd7f6c26

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 writeups.json Show response
pentester.land/ 3 MB
460 KB 154ms
153ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pentester.land/writeups.json?_=1689353451913

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef32d98ab4077ef3708825bb5da85328575ab7ffd948208700ebf788e94a888

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://pentester.land/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 16:50:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
etag: W/"dcda49a55ac8abd858f08bc1b4e0ee12"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiJib1Z5huZ8Ecq%2BvtTlqn3af1ys5g%2Bndyj1cqsrr%2FN9AYincGTvx%2Bp%2BA4ObVp0S47NZem4sJ0IHceIVu4Tq9UdAGeAAzVrbr2AXDrvRPmg2UkT1QZD7COJiKw0yg2RNumFw8BvcAXmDOniEtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: geolocation 'self'
vary: Accept-Encoding
cf-ray: 7e6b4463e87e0eae-AMS
priority: u=1,i

POST
H3 204 rum Show response
pentester.land/cdn-cgi/ 0
140 B 113ms
112ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pentester.land/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pentester.land/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

date: Fri, 14 Jul 2023 16:50:52 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://pentester.land
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7e6b446479480eae-AMS

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline'; font-src * data:; img-src * data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.datatables.net
pentester.land
static.cloudflareinsights.com
2606:4700:10::6816:335d
2606:4700::6810:3865
2a00:1450:4001:80b::200a
2a06:98c1:3120::3
147f992cfc7ebe8436379c342e7043620f102b026e9d82e4a0ac7e5f08669c2d
1d374042dc4a6b523b96adbe0bfe5a00f5be103ead57d2cc7d40468d2f5192b4
54919b3f6bda06855ac729452fadc6798afea83143ea316aa9059e9154682105
73246c8456348484d4dfb8360acc2ec567c024970d1ffe137b7c46b7dfa98d9b
9c37552fecda8922a6fe77bc3ea11401a8ffc8c2aa6f4ecd9d0cfacace9ff4f5
9d3aefc756ce182b859047749164d335dbce2c8e44cf04f349069616199a4835
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67
b6ec88467d03e77c12b2583965e33f2f92bdd0ae916dd04f5a4a0d09c7ed21e9
c2440ba0b961b6b11b370af0ed2306fd9fff2efa69686f92d4e42fb70b934cde
c3d7918d8d43e652b28e3d659ad0cbd8884d65b628ab37ed945199fadd7f6c26
cd98748755ec9560f8bf9731a17f3ae1e3be2268d1c3d5c02aff4450c52eb5c7
ce08214c4185d69121e68d72a56e60f1c25ed5c57946908dd6e5eb99c88a635a
cef32d98ab4077ef3708825bb5da85328575ab7ffd948208700ebf788e94a888
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf8c0533dff0ea9b9060a066661e7d42c967da1ad3f52c1da742253ef651ce5
f3692e8e36d8553ee6008fb474eee0477eb8f649d94609c515d5665b78cdfc31

pentester.land Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

756 kBTransfer

3908 kBSize

0 Cookies

53 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

pentester.land Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

756 kB
Transfer

3908 kB
Size

0
Cookies

16 HTTP transactions
1 data transactions