blog.talosintelligence.com Open in urlscan Pro
2606:4700::6811:3b4c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85KstC0/5/f18dQhb0S8338Z99QFN59r2rlHyjJqV...
Effective URL:
https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALlji...
Submission: On February 19 via api (February 19th 2020, 6:17:18 pm UTC) from US

Summary HTTP 57 Redirects Links 111 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 57 HTTP transactions. The main IP is 2606:4700::6811:3b4c, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.talosintelligence.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on January 3rd 2020. Valid for: 6 months.

This is the only time blog.talosintelligence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6811:7db4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700::68... 2606:4700::6811:3b4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2a00:1450:400... 2a00:1450:4001:809::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2009	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:824::200d	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
57	9

2 2606:4700::6811:7db4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6811:3b4c (United States)

ASN13335 (CLOUDFLARENET, US)

blog.talosintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.talosintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img2.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	blogspot.com 1.bp.blogspot.com	2 MB
14	talosintelligence.com blog.talosintelligence.com www.talosintelligence.com	49 KB
7	gstatic.com fonts.gstatic.com	90 KB
7	blogger.com 1 redirects www.blogger.com	73 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	blogblog.com img2.blogblog.com resources.blogblog.com	1 KB
2	silobreaker.com 1 redirects info.silobreaker.com	3 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
1	google.com 1 redirects accounts.google.com	402 B
1	googleapis.com fonts.googleapis.com	1 KB
57	10

	Domain	Requested by
24	1.bp.blogspot.com	blog.talosintelligence.com
12	www.talosintelligence.com	blog.talosintelligence.com
7	fonts.gstatic.com	blog.talosintelligence.com
7	www.blogger.com	1 redirects blog.talosintelligence.com www.blogger.com
2	www.google-analytics.com	1 redirects blog.talosintelligence.com
2	blog.talosintelligence.com	info.silobreaker.com blog.talosintelligence.com
2	info.silobreaker.com	1 redirects
1	stats.g.doubleclick.net	blog.talosintelligence.com
1	accounts.google.com	1 redirects
1	resources.blogblog.com	blog.talosintelligence.com
1	img2.blogblog.com	blog.talosintelligence.com
1	fonts.googleapis.com	blog.talosintelligence.com
57	12

This site contains links to these domains. Also see Links.

Domain
www.talosintelligence.com
snort.org
www.clamav.net
www.spamcop.net
talosintelligence.com
1.bp.blogspot.com
twitter.com
attack.mitre.org
docs.microsoft.com
www.cisco.com
visualstudio.microsoft.com
sandsprite.com
github.com
meraki.cisco.com
umbrella.cisco.com
www.snort.org
www.blogger.com
www.facebook.com
www.reddit.com
blogs.cisco.com
blog.snort.org
feedproxy.google.com
blog.clamav.net
www.youtube.com
www.linkedin.com
tools.cisco.com

Subject Issuer	Validity	Valid
info.silobreaker.com CloudFlare Inc ECC CA-2	`2019-12-17` - `2020-10-09`	10 months	crt.sh
ssl400246.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-03` - `2020-07-11`	6 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
Frame ID: 89C85A57236E229FF476690BC9563F22
Requests: 56 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=5332709553657170976&blogspotRpcToken=5636078&bpli=1
Frame ID: F60588FE2E83E2A72A2360EB9D020A3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85KstC0/5/f18dQhb0S83... Page URL
https://info.silobreaker.com/events/public/v1/track/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85... HTTP 307
https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1... Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

57
Requests

100 %
HTTPS

100 %
IPv6

10
Domains

12
Subdomains

9
IPs

3
Countries

1944 kB
Transfer

2266 kB
Size

1
Cookies

111 Outgoing links

These are links going to different origins than the main page.

URL: https://www.talosintelligence.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/software
Title: Software

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/vulnerability_info
Title: Vulnerability Information

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/vulnerability_reports
Title: Vulnerability Reports

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/ms_advisories
Title: Microsoft Advisories

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/reputation
Title: Reputation Center

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/reputation_center
Title: IP & Domain Reputation

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/talos_file_reputation
Title: Talos File Reputation

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/support
Title: Reputation Support

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/amp-naming
Title: AMP Threat Naming Conventions

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/documents/ip-blacklist
Title: IP Blacklist Download

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/awbo_intro
Title: AWBO Exercises

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/categories
Title: Categories

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/resources
Title: Library

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/community
Title: Support Communities

Search URL Search Domain Scan URL

URL: https://snort.org/community
Title: Snort Community

Search URL Search Domain Scan URL

URL: https://www.clamav.net/contact.html#ml
Title: ClamAV Community

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/reputation_center/support#reputation_center_support_ticket
Title: Reputation Center Support

Search URL Search Domain Scan URL

URL: https://www.spamcop.net/
Title: SpamCop

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/podcasts
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/podcasts/shows/beers_with_talos
Title: Beers with Talos

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/podcasts/shows/talos_takes
Title: Talos Takes

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/about
Title: About

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/users/auth/saml
Title: Cisco Login

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-SVowxL1lyPo/XkqYp_wJEKI/AAAAAAAAAWw/VLxzLRjypF0ikcdsxoIq3ogUG0Fr4UM8QCEwYBhgL/s1600/image17.png

Search URL Search Domain Scan URL

URL: https://twitter.com/vanjasvajcer
Title: Vanja Svajcer

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1127/
Title: T1127

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1500/
Title: T1500

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/visualstudio/msbuild/msbuild?view%3Dvs-2019
Title: MSBuild

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/threat-grid/index.html
Title: Cisco Threat Grid

Search URL Search Domain Scan URL

URL: https://visualstudio.microsoft.com/
Title: Microsoft Visual Studio

Search URL Search Domain Scan URL

URL: https://twitter.com/subTee
Title: Casey Smith

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview
Title: Windows Applocker

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/visualstudio/msbuild/msbuild-inline-tasks?view%3Dvs-2019
Title: inline task

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-yEcz-dTfPlw/XkqY-FqXQrI/AAAAAAAAAW4/gnm5Ukv5VO4eB1QKna-YpBy4MLt8eellQCEwYBhgL/s1600/image8.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-rfx2MvWYLpo/XkqZTOkYjhI/AAAAAAAAAXA/GQcecLb1R7wyVJeo7QBUZVR42nrHGmklgCEwYBhgL/s1600/image15.png

Search URL Search Domain Scan URL

URL: http://sandsprite.com/blogs/index.php?uid%3D7%26pid%3D152
Title: scdbg

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-9rfLm1ofeUA/XkqaUbX0ohI/AAAAAAAAAXM/BewzJO4tiFUl-ammQuYyKi5SKPmVEgEtwCEwYBhgL/s1600/image16.png

Search URL Search Domain Scan URL

URL: https://github.com/dzzie/VS_LIBEMU
Title: source code

Search URL Search Domain Scan URL

URL: https://github.com/cobbr/Covenant
Title: Covenant

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-FncXW7Z7VYM/Xku0ADg8o2I/AAAAAAAAAXU/ButuLmFwr9ErA7AqTZJZtZEvPLio3FHUgCLcBGAsYHQ/s1600/image11.png

Search URL Search Domain Scan URL

URL: https://github.com/trustedsec/nps_payload
Title: nps_payload

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-n2qq6sBIJyg/Xku0vXiWFoI/AAAAAAAAAXc/5q-bEzOLbngW5bKo9wOEqaQwaAgrHkyIgCLcBGAsYHQ/s1600/image12.jpg

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-YVZNNmQ9AR8/Xku0-VUP-EI/AAAAAAAAAXg/yvajE5nu4iISXIYbNXiHI6xJ_E14mRfNgCLcBGAsYHQ/s1600/image1.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-bKfeeZ0c-Kg/Xku1KlYA55I/AAAAAAAAAXo/OlBjJlAhwnk6NyDqfCo_3gk7d7_k8E24QCLcBGAsYHQ/s1600/image5.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-V3x1hhmTWkg/Xku1aouc9mI/AAAAAAAAAXw/K9auLJ4MQdAO0bBVzkLJv-SfrEsMJ2zvQCLcBGAsYHQ/s1600/image13.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-TUVmOvJ95O4/Xku1o6NANPI/AAAAAAAAAX0/xMX8izsY7FMD7yqu-x9gmM_AjCKAGctTwCLcBGAsYHQ/s1600/image18.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-JbRUt0gERr8/Xku11S5M5BI/AAAAAAAAAX8/FVGnVq0QeLgol2vqeEXJMrJNozlmQAccQCLcBGAsYHQ/s1600/image22.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-93LnJCogfM0/Xku2G34LCGI/AAAAAAAAAYI/lfA9iV4gMsAXh_eRm5l9Gyje0Nn6EHDBgCLcBGAsYHQ/s1600/image21.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-5JahWhPKlbQ/Xku2arHsegI/AAAAAAAAAYQ/HNl9W7DiSkUWoJS6aytqt74ozzzaIhXHACLcBGAsYHQ/s1600/image9.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-Lg7FLtr8g3g/Xku2zXEOxMI/AAAAAAAAAYY/6dnkNrBie2UkQDK2XFWv72QmNJkeYWmcQCLcBGAsYHQ/s1600/image3.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-t3j-4bWHAos/Xku276wz2WI/AAAAAAAAAYc/SWHZThxZt0EO6Ch_aujfSi4UGYszTWlxwCLcBGAsYHQ/s1600/image20.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-kx8eUlElDGA/Xku3Ma5_WmI/AAAAAAAAAYo/7KcDiLA9Plgk4j_ETWG7tsWxzjexP9WogCLcBGAsYHQ/s1600/image2.png

Search URL Search Domain Scan URL

URL: https://github.com/byt3bl33d3r/SILENTTRINITY
Title: Silent Trinity

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-DUtLVD4V0Ig/Xku34kd6QCI/AAAAAAAAAYw/A3UAH8hfSiQXkuHM6NkLhKKPKx63zRL_wCLcBGAsYHQ/s1600/image23.jpg

Search URL Search Domain Scan URL

URL: https://github.com/boo-lang/boo
Title: Boolang

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-ttM6NXUpEX8/Xku4DEvPkYI/AAAAAAAAAY0/5kUpCRrKnWIH-SJG2E0oYmrmH7orl-UNgCLcBGAsYHQ/s1600/image19.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-dW8132Ef7bg/Xku4M_cO8iI/AAAAAAAAAY8/zLQMhxejrwY9zHdYmI3zfWgRF7_IymD_ACLcBGAsYHQ/s1600/image7.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-Ng58b_VRFzQ/Xku4YDqGNEI/AAAAAAAAAZE/DBgIoo3S5KYiN31sZt9QSU3XThVr8VyEACLcBGAsYHQ/s1600/image6.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-XvQe9Veyk1w/Xku4rFCqkBI/AAAAAAAAAZQ/t-PkuHqqRMs46j6LKcBbuRx1e-vT5CUxwCLcBGAsYHQ/s1600/image4.png

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html
Title: Cisco AMP for Endpoints

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-xhIrBZgXIGM/Xku419kN8II/AAAAAAAAAZU/kqR-n91oKzMX6cF-Ojz4w3Gl7m7tDXbpQCLcBGAsYHQ/s1600/image14.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-vFkKf_Rc7X8/Xku5B7hM8pI/AAAAAAAAAZc/TBBbCJ0-LrYwrRHd3gTTR-EnfTjkniv4QCLcBGAsYHQ/s1600/image24.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-qJbz0WqNHm0/Xku5KGcFyHI/AAAAAAAAAZk/eclaviCPb2oRBM5EWTXPFDIG8EptifxuQCLcBGAsYHQ/s1600/image10.png

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/advanced-malware-protection
Title: AMP

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/cloud-web-security/index.html
Title: CWS

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/web-security-appliance/index.html
Title:

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/email-security-appliance/index.html
Title: Email Security

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/firewalls/index.html
Title: NGFW

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/security/intrusion-prevention-system-ips/index.html
Title: NGIPS

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/products/routers/branch-routers/index.html
Title:

Search URL Search Domain Scan URL

URL: https://meraki.cisco.com/products/appliances
Title:

Search URL Search Domain Scan URL

URL: https://www.cisco.com/c/en/us/solutions/enterprise-networks/amp-threat-grid/index.html
Title: AMP Threat Grid

Search URL Search Domain Scan URL

URL: https://umbrella.cisco.com/
Title: Umbrella

Search URL Search Domain Scan URL

URL: https://www.snort.org/products
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/18152595187998952871
Title: Vanja Svajcer

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=1029833275466591797&postID=5332709553657170976&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html&text=Building%20a%20bypass%20with%20MSBuild
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html&text=Building%20a%20bypass%20with%20MSBuild
Title:

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html&title=Building%20a%20bypass%20with%20MSBuild
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=5332709553657170976&blogspotRpcToken=5636078

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1029833275466591797&widgetType=HTML&widgetId=HTML1&action=editWidget&sectionId=sidebar
Title:

Search URL Search Domain Scan URL

URL: https://www.talosintelligence.com/blog_subscription
Title: Subscribe via Email

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1029833275466591797&widgetType=Subscribe&widgetId=Subscribe1&action=editWidget&sectionId=sidebar
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1029833275466591797&widgetType=BlogArchive&widgetId=BlogArchive1&action=editWidget&sectionId=sidebar
Title:

Search URL Search Domain Scan URL

URL: https://blogs.cisco.com/
Title: Cisco Blog

Search URL Search Domain Scan URL

URL: https://blogs.cisco.com/collaboration/is-your-contact-center-in-the-zone
Title: Is Your Contact Center “In the Zone”?

Search URL Search Domain Scan URL

URL: https://blog.snort.org/
Title: Snort Blog

Search URL Search Domain Scan URL

URL: https://feedproxy.google.com/~r/Snort/~3/3jl0MBKRMOQ/snort-rule-update-for-feb-18-2020.html
Title: Snort rule update for Feb. 18, 2020

Search URL Search Domain Scan URL

URL: http://blog.clamav.net/
Title: ClamAV® blog

Search URL Search Domain Scan URL

URL: https://feedproxy.google.com/~r/Clamav/~3/2jx-LxzGd6A/clamav-bugzilla-upgrade.html
Title: ClamAV Bugzilla Upgrade

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1029833275466591797&widgetType=BlogList&widgetId=BlogList1&action=editWidget&sectionId=sidebar
Title:

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/software
Title: Software

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/reputation_center
Title: Reputation Center

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/vulnerability_info
Title: Vulnerability Information

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/ms_advisories
Title: Microsoft Advisory Snort Rules

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/amp-naming
Title: AMP Naming Conventions

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/talos_file_reputation
Title: Talos File Reputation

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/awbo_intro
Title: AWBO Exercises

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/resources
Title: Library

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/community
Title: Support Communities

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/about
Title: About

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://talosintelligence.com/newsletters
Title: Threat Source Newsletter

Search URL Search Domain Scan URL

URL: https://twitter.com/talossecurity
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLFT-9JpKjRTDn_qtGN238gzycJfaVzMqD
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cisco-talos-intelligence-group/
Title:

Search URL Search Domain Scan URL

URL: https://tools.cisco.com/security/center/home.x
Title:

Search URL Search Domain Scan URL

URL: https://www.cisco.com/web/siteassets/legal/privacy_full.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85KstC0/5/f18dQhb0S8338Z99QFN59r2rlHyjJqVRYJF663BmrMN3hHhcNXL0jYVnQ9Qq8-ydbTW7Mcn0v4dNN-BW8W1JJt49krHrW8WBG_Z5mZ50NW58jf-C8XxZnCW5nDbFL30b0qzN4h_9myHBXg_W7qYg0b4fNtfrW75KQNZ6NtbTSVYSMLQ6G7FblW4DFfS36RrjzYN69Wb0qDLTkCW3zXP4k3KQrVsW8x14kw8n0wRSW6PkBj_2TxzYbW2gNM775PdpyGW4M16fr3SQhF6W2p3DX35t-Mf0W2xZQYJ1dBqv2W36pR8f2zSClDW42hmYk6ZY_JdW1HQYJ36PB4H9W8nGlh149kJ93W7Bp5bt3Cdk0dW3wv7Sm4bJcfNW2Rvxnj6ldTHsW2KCCGP1JkSWZW1xV7PD4J35SnW2N3DcQ5w3QzKW169fg05dN_WVW9302f15QkPXcW5vBYgk2ZqtjYN2dpqD7cTSRKVcSmDX6Wjslp102 Page URL
https://info.silobreaker.com/events/public/v1/track/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85KstC0/5/f18dQhb0S8338Z99QFN59r2rlHyjJqVRYJF663BmrMN3hHhcNXL0jYVnQ9Qq8-ydbTW7Mcn0v4dNN-BW8W1JJt49krHrW8WBG_Z5mZ50NW58jf-C8XxZnCW5nDbFL30b0qzN4h_9myHBXg_W7qYg0b4fNtfrW75KQNZ6NtbTSVYSMLQ6G7FblW4DFfS36RrjzYN69Wb0qDLTkCW3zXP4k3KQrVsW8x14kw8n0wRSW6PkBj_2TxzYbW2gNM775PdpyGW4M16fr3SQhF6W2p3DX35t-Mf0W2xZQYJ1dBqv2W36pR8f2zSClDW42hmYk6ZY_JdW1HQYJ36PB4H9W8nGlh149kJ93W7Bp5bt3Cdk0dW3wv7Sm4bJcfNW2Rvxnj6ldTHsW2KCCGP1JkSWZW1xV7PD4J35SnW2N3DcQ5w3QzKW169fg05dN_WVW9302f15QkPXcW5vBYgk2ZqtjYN2dpqD7cTSRKVcSmDX6Wjslp102?_ud=62132a4b-9c03-4b7b-b6e9-c85e0a0661c9&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=5332709553657170976&blogspotRpcToken=5636078 HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D1029833275466591797%26postID%3D5332709553657170976%26blogspotRpcToken%3D5636078%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D1029833275466591797%26postID%3D5332709553657170976%26blogspotRpcToken%3D5636078%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=5332709553657170976&blogspotRpcToken=5636078&bpli=1

Request Chain 55

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=126655674&t=pageview&_s=1&dl=https%3A%2F%2Fblog.talosintelligence.com%2F2020%2F02%2Fbuilding-bypass-with-msbuild.html%3F_hsenc%3Dp2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow%26_hsmi%3D83585063&ul=en-us&de=UTF-8&dt=Talos%20Blog%20%7C%7C%20Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence%3A%20Building%20a%20bypass%20with%20MSBuild&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=731234295&gjid=1733190550&cid=62783340.1582136222&tid=UA-30016562-3&_gid=1496389781.1582136222&_r=1&z=1359826068 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30016562-3&cid=62783340.1582136222&jid=731234295&_gid=1496389781.1582136222&gjid=1733190550&_v=j81&z=1359826068

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 f18dQhb0S8338Z99QFN59r2rlHyjJqVRYJF663BmrMN3hHhcNXL0jYVnQ9Qq8-ydbTW7Mcn0v4dNN-BW8W1JJt49krHrW8WBG_Z5mZ50NW58jf-C8XxZnCW5nDbFL30b0qzN4h_9myHBXg_W7qYg0b4fNtfrW75KQNZ6NtbTSVYSMLQ6G7FblW4DFfS36RrjzYN69... Show response
info.silobreaker.com/e2t/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85KstC0/5/ 9 KB
3 KB 59ms
59ms Document
text/html 2606:4700::6811:7db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85KstC0/5/f18dQhb0S8338Z99QFN59r2rlHyjJqVRYJF663BmrMN3hHhcNXL0jYVnQ9Qq8-ydbTW7Mcn0v4dNN-BW8W1JJt49krHrW8WBG_Z5mZ50NW58jf-C8XxZnCW5nDbFL30b0qzN4h_9myHBXg_W7qYg0b4fNtfrW75KQNZ6NtbTSVYSMLQ6G7FblW4DFfS36RrjzYN69Wb0qDLTkCW3zXP4k3KQrVsW8x14kw8n0wRSW6PkBj_2TxzYbW2gNM775PdpyGW4M16fr3SQhF6W2p3DX35t-Mf0W2xZQYJ1dBqv2W36pR8f2zSClDW42hmYk6ZY_JdW1HQYJ36PB4H9W8nGlh149kJ93W7Bp5bt3Cdk0dW3wv7Sm4bJcfNW2Rvxnj6ldTHsW2KCCGP1JkSWZW1xV7PD4J35SnW2N3DcQ5w3QzKW169fg05dN_WVW9302f15QkPXcW5vBYgk2ZqtjYN2dpqD7cTSRKVcSmDX6Wjslp102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c22f0c026dbd314f0d8d829c3e8aaf13e6e9c4c3d65127900b5bc1a529411c86

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85KstC0/5/f18dQhb0S8338Z99QFN59r2rlHyjJqVRYJF663BmrMN3hHhcNXL0jYVnQ9Qq8-ydbTW7Mcn0v4dNN-BW8W1JJt49krHrW8WBG_Z5mZ50NW58jf-C8XxZnCW5nDbFL30b0qzN4h_9myHBXg_W7qYg0b4fNtfrW75KQNZ6NtbTSVYSMLQ6G7FblW4DFfS36RrjzYN69Wb0qDLTkCW3zXP4k3KQrVsW8x14kw8n0wRSW6PkBj_2TxzYbW2gNM775PdpyGW4M16fr3SQhF6W2p3DX35t-Mf0W2xZQYJ1dBqv2W36pR8f2zSClDW42hmYk6ZY_JdW1HQYJ36PB4H9W8nGlh149kJ93W7Bp5bt3Cdk0dW3wv7Sm4bJcfNW2Rvxnj6ldTHsW2KCCGP1JkSWZW1xV7PD4J35SnW2N3DcQ5w3QzKW169fg05dN_WVW9302f15QkPXcW5vBYgk2ZqtjYN2dpqD7cTSRKVcSmDX6Wjslp102
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Wed, 19 Feb 2020 18:17:00 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d108c5b7b22f5d2a35220972bd5664d9b1582136220; expires=Fri, 20-Mar-20 18:17:00 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=eeb30e34cabccc9c5d8ab88891fefc00af0e2c0c-1582136220; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 567a3c33c8edd6e5-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request building-bypass-with-msbuild.html Show response
blog.talosintelligence.com/2020/02/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85KstC0/5/f18dQhb0S8338Z99QFN59r2rlHyjJqVRYJF663BmrMN3hHhcNXL0jYVnQ9Qq8-ydbTW7Mcn0v4dNN-BW8W1J...
https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063

181 KB
35 KB

508ms
474ms

Document
text/html

2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85KstC0/5/f18dQhb0S8338Z99QFN59r2rlHyjJqVRYJF663BmrMN3hHhcNXL0jYVnQ9Qq8-ydbTW7Mcn0v4dNN-BW8W1JJt49krHrW8WBG_Z5mZ50NW58jf-C8XxZnCW5nDbFL30b0qzN4h_9myHBXg_W7qYg0b4fNtfrW75KQNZ6NtbTSVYSMLQ6G7FblW4DFfS36RrjzYN69Wb0qDLTkCW3zXP4k3KQrVsW8x14kw8n0wRSW6PkBj_2TxzYbW2gNM775PdpyGW4M16fr3SQhF6W2p3DX35t-Mf0W2xZQYJ1dBqv2W36pR8f2zSClDW42hmYk6ZY_JdW1HQYJ36PB4H9W8nGlh149kJ93W7Bp5bt3Cdk0dW3wv7Sm4bJcfNW2Rvxnj6ldTHsW2KCCGP1JkSWZW1xV7PD4J35SnW2N3DcQ5w3QzKW169fg05dN_WVW9302f15QkPXcW5vBYgk2ZqtjYN2dpqD7cTSRKVcSmDX6Wjslp102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa3cf173967cdb9b805ecbdd85792899b5b6f09d5f2b593e3136f286b8280696

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: blog.talosintelligence.com
:scheme: https
:path: /2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://info.silobreaker.com/e2t/c/*W6gpMd37kPB4hW1sBLTf7BLmMP0/*N32hyMVXXRMyW7R-Whx85KstC0/5/f18dQhb0S8338Z99QFN59r2rlHyjJqVRYJF663BmrMN3hHhcNXL0jYVnQ9Qq8-ydbTW7Mcn0v4dNN-BW8W1JJt49krHrW8WBG_Z5mZ50NW58jf-C8XxZnCW5nDbFL30b0qzN4h_9myHBXg_W7qYg0b4fNtfrW75KQNZ6NtbTSVYSMLQ6G7FblW4DFfS36RrjzYN69Wb0qDLTkCW3zXP4k3KQrVsW8x14kw8n0wRSW6PkBj_2TxzYbW2gNM775PdpyGW4M16fr3SQhF6W2p3DX35t-Mf0W2xZQYJ1dBqv2W36pR8f2zSClDW42hmYk6ZY_JdW1HQYJ36PB4H9W8nGlh149kJ93W7Bp5bt3Cdk0dW3wv7Sm4bJcfNW2Rvxnj6ldTHsW2KCCGP1JkSWZW1xV7PD4J35SnW2N3DcQ5w3QzKW169fg05dN_WVW9302f15QkPXcW5vBYgk2ZqtjYN2dpqD7cTSRKVcSmDX6Wjslp102

Response headers

status: 200
date: Wed, 19 Feb 2020 18:17:01 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d42fe025470d10c0f155c69c85424ed4f1582136221; expires=Fri, 20-Mar-20 18:17:01 GMT; path=/; domain=.talosintelligence.com; HttpOnly; SameSite=Lax; Secure
expires: Wed, 19 Feb 2020 18:17:01 GMT
cache-control: private, max-age=0
last-modified: Wed, 19 Feb 2020 13:43:16 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 567a3c359a16178a-FRA
content-encoding: br

Redirect headers

status: 307
date: Wed, 19 Feb 2020 18:17:01 GMT
location: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
cf-ray: 567a3c343a87d6e5-FRA
link: <https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
server: cloudflare

GET
H2 200 3597120983-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
8 KB 27ms
6ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3597120983-css_bundle_v2.css

Requested by

Host: blog.talosintelligence.com
URL: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 29 Jan 2020 18:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Jan 2020 13:14:54 GMT
server: sffe
age: 1815079
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7979
x-xss-protection: 0
expires: Thu, 28 Jan 2021 18:05:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1e2b40e2a910617d6e814ec22df7e52437bb6dc8fc0b6d6c75517455960708d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Feb 2020 18:17:01 GMT
server: ESF
date: Wed, 19 Feb 2020 18:17:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Feb 2020 18:17:01 GMT

GET
H2 200 image17.png
1.bp.blogspot.com/-SVowxL1lyPo/XkqYp_wJEKI/AAAAAAAAAWw/VLxzLRjypF0ikcdsxoIq3ogUG0Fr4UM8QCEwYBhgL/s640/ 193 KB
194 KB 32ms
11ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SVowxL1lyPo/XkqYp_wJEKI/AAAAAAAAAWw/VLxzLRjypF0ikcdsxoIq3ogUG0Fr4UM8QCEwYBhgL/s640/image17.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

51edda486902376b73da28df376694a01ee7124c22eade6ba992d24c71070639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image17.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 197946
x-xss-protection: 0
server: fife
etag: "v16c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 13:07:59 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
668 B 135ms
117ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1029833275466591797&zx=f9409e05-9514-4807-be11-e47c6e392e3a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 19 Feb 2020 18:17:01 GMT
server: GSE
date: Wed, 19 Feb 2020 18:17:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 image8.png
1.bp.blogspot.com/-yEcz-dTfPlw/XkqY-FqXQrI/AAAAAAAAAW4/gnm5Ukv5VO4eB1QKna-YpBy4MLt8eellQCEwYBhgL/s640/ 63 KB
63 KB 38ms
32ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-yEcz-dTfPlw/XkqY-FqXQrI/AAAAAAAAAW4/gnm5Ukv5VO4eB1QKna-YpBy4MLt8eellQCEwYBhgL/s640/image8.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bd4424ff4c90c9860cdfe22e34f2af008b62c5ae11840d7912be183e1db8e8b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image8.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 64096
x-xss-protection: 0
server: fife
etag: "v16e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 13:15:30 GMT

GET
H2 200 image15.png
1.bp.blogspot.com/-rfx2MvWYLpo/XkqZTOkYjhI/AAAAAAAAAXA/GQcecLb1R7wyVJeo7QBUZVR42nrHGmklgCEwYBhgL/s640/ 196 KB
197 KB 36ms
30ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rfx2MvWYLpo/XkqZTOkYjhI/AAAAAAAAAXA/GQcecLb1R7wyVJeo7QBUZVR42nrHGmklgCEwYBhgL/s640/image15.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e16838a5484ab27d1800cc62cac561b4503ffebfa11fd4b116a5f9eff4bcb4c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image15.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 201068
x-xss-protection: 0
server: fife
etag: "v170"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 13:15:30 GMT

GET
H2 200 image16.png
1.bp.blogspot.com/-9rfLm1ofeUA/XkqaUbX0ohI/AAAAAAAAAXM/BewzJO4tiFUl-ammQuYyKi5SKPmVEgEtwCEwYBhgL/s640/ 84 KB
84 KB 35ms
29ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-9rfLm1ofeUA/XkqaUbX0ohI/AAAAAAAAAXM/BewzJO4tiFUl-ammQuYyKi5SKPmVEgEtwCEwYBhgL/s640/image16.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8065844523ae0f7b0d2191b0d087ee3179cba0b6356082234081f3d0b2feccbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image16.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 85544
x-xss-protection: 0
server: fife
etag: "v173"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 13:15:30 GMT

GET
H2 200 image11.png
1.bp.blogspot.com/-FncXW7Z7VYM/Xku0ADg8o2I/AAAAAAAAAXU/ButuLmFwr9ErA7AqTZJZtZEvPLio3FHUgCLcBGAsYHQ/s640/ 113 KB
113 KB 34ms
29ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-FncXW7Z7VYM/Xku0ADg8o2I/AAAAAAAAAXU/ButuLmFwr9ErA7AqTZJZtZEvPLio3FHUgCLcBGAsYHQ/s640/image11.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb7c712befd9134921e69e20d35d317813e918d0eee0dc049504f42c5abbbbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image11.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 115761
x-xss-protection: 0
server: fife
etag: "v176"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:11 GMT

GET
H2 200 image12.jpg
1.bp.blogspot.com/-n2qq6sBIJyg/Xku0vXiWFoI/AAAAAAAAAXc/5q-bEzOLbngW5bKo9wOEqaQwaAgrHkyIgCLcBGAsYHQ/s640/ 10 KB
10 KB 34ms
28ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-n2qq6sBIJyg/Xku0vXiWFoI/AAAAAAAAAXc/5q-bEzOLbngW5bKo9wOEqaQwaAgrHkyIgCLcBGAsYHQ/s640/image12.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4f4cb666814825ae53899ceb67a612bbbe773ae8c8d5957de1579d0a803eb7c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image12.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10560
x-xss-protection: 0
server: fife
etag: "v179"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:11 GMT

GET
H2 200 image1.png
1.bp.blogspot.com/-YVZNNmQ9AR8/Xku0-VUP-EI/AAAAAAAAAXg/yvajE5nu4iISXIYbNXiHI6xJ_E14mRfNgCLcBGAsYHQ/s640/ 44 KB
44 KB 33ms
28ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-YVZNNmQ9AR8/Xku0-VUP-EI/AAAAAAAAAXg/yvajE5nu4iISXIYbNXiHI6xJ_E14mRfNgCLcBGAsYHQ/s640/image1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

459a4fcc636138264d5d1f044f24571257e1438948ac833e7a8ac87af8f18573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:39:37 GMT
x-content-type-options: nosniff
age: 2244
status: 200
content-disposition: inline;filename="image1.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 45143
x-xss-protection: 0
server: fife
etag: "v17b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:12 GMT

GET
H2 200 image5.png
1.bp.blogspot.com/-bKfeeZ0c-Kg/Xku1KlYA55I/AAAAAAAAAXo/OlBjJlAhwnk6NyDqfCo_3gk7d7_k8E24QCLcBGAsYHQ/s640/ 83 KB
83 KB 33ms
27ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-bKfeeZ0c-Kg/Xku1KlYA55I/AAAAAAAAAXo/OlBjJlAhwnk6NyDqfCo_3gk7d7_k8E24QCLcBGAsYHQ/s640/image5.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

adf4bebb7e38a82cda79716b1af2430016e918481c5f37ad9d5dc43ab0052df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image5.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 85312
x-xss-protection: 0
server: fife
etag: "v17b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:11 GMT

GET
H2 200 image13.png
1.bp.blogspot.com/-V3x1hhmTWkg/Xku1aouc9mI/AAAAAAAAAXw/K9auLJ4MQdAO0bBVzkLJv-SfrEsMJ2zvQCLcBGAsYHQ/s640/ 36 KB
36 KB 32ms
27ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-V3x1hhmTWkg/Xku1aouc9mI/AAAAAAAAAXw/K9auLJ4MQdAO0bBVzkLJv-SfrEsMJ2zvQCLcBGAsYHQ/s640/image13.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

252715a48b1d172741e11030b6e805620794883d6534081a441402bf477ed7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image13.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 36596
x-xss-protection: 0
server: fife
etag: "v17e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:12 GMT

GET
H2 200 image18.png
1.bp.blogspot.com/-TUVmOvJ95O4/Xku1o6NANPI/AAAAAAAAAX0/xMX8izsY7FMD7yqu-x9gmM_AjCKAGctTwCLcBGAsYHQ/s640/ 36 KB
36 KB 32ms
27ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-TUVmOvJ95O4/Xku1o6NANPI/AAAAAAAAAX0/xMX8izsY7FMD7yqu-x9gmM_AjCKAGctTwCLcBGAsYHQ/s640/image18.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b4e2f477f2e9fc887015e5e8be6cc14a48a7b3cfbdd2e07dc7457f2fd278fdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image18.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 36604
x-xss-protection: 0
server: fife
etag: "v180"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:12 GMT

GET
H2 200 image22.png
1.bp.blogspot.com/-JbRUt0gERr8/Xku11S5M5BI/AAAAAAAAAX8/FVGnVq0QeLgol2vqeEXJMrJNozlmQAccQCLcBGAsYHQ/s640/ 61 KB
61 KB 31ms
26ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-JbRUt0gERr8/Xku11S5M5BI/AAAAAAAAAX8/FVGnVq0QeLgol2vqeEXJMrJNozlmQAccQCLcBGAsYHQ/s640/image22.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a65e629cebf7cadd25ec10af3b6753376c8e647ddeab4008527315a0ae082873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image22.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: fife
etag: "v181"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:12 GMT

GET
H2 200 image21.png
1.bp.blogspot.com/-93LnJCogfM0/Xku2G34LCGI/AAAAAAAAAYI/lfA9iV4gMsAXh_eRm5l9Gyje0Nn6EHDBgCLcBGAsYHQ/s640/ 90 KB
90 KB 30ms
25ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-93LnJCogfM0/Xku2G34LCGI/AAAAAAAAAYI/lfA9iV4gMsAXh_eRm5l9Gyje0Nn6EHDBgCLcBGAsYHQ/s640/image21.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

75ea37f0b11d6370e353247578091c66fc3ae6a6be27e6932b76d32a5b2cd3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image21.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92410
x-xss-protection: 0
server: fife
etag: "v183"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:12 GMT

GET
H2 200 image9.png
1.bp.blogspot.com/-5JahWhPKlbQ/Xku2arHsegI/AAAAAAAAAYQ/HNl9W7DiSkUWoJS6aytqt74ozzzaIhXHACLcBGAsYHQ/s640/ 18 KB
18 KB 30ms
25ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5JahWhPKlbQ/Xku2arHsegI/AAAAAAAAAYQ/HNl9W7DiSkUWoJS6aytqt74ozzzaIhXHACLcBGAsYHQ/s640/image9.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

07946aa14beed0e252d9d3d9352e6cf776212dac9cbf3def7a4d7b5f0554e378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image9.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18769
x-xss-protection: 0
server: fife
etag: "v185"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:12 GMT

GET
H2 200 image3.png
1.bp.blogspot.com/-Lg7FLtr8g3g/Xku2zXEOxMI/AAAAAAAAAYY/6dnkNrBie2UkQDK2XFWv72QmNJkeYWmcQCLcBGAsYHQ/s640/ 119 KB
120 KB 29ms
24ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Lg7FLtr8g3g/Xku2zXEOxMI/AAAAAAAAAYY/6dnkNrBie2UkQDK2XFWv72QmNJkeYWmcQCLcBGAsYHQ/s640/image3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b48d885fd43520848167f8a77f4910deae63a1ef74f51dac07be9c2367ce133e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image3.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 122315
x-xss-protection: 0
server: fife
etag: "v188"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:12 GMT

GET
H2 200 image20.png
1.bp.blogspot.com/-t3j-4bWHAos/Xku276wz2WI/AAAAAAAAAYc/SWHZThxZt0EO6Ch_aujfSi4UGYszTWlxwCLcBGAsYHQ/s640/ 124 KB
124 KB 20ms
15ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-t3j-4bWHAos/Xku276wz2WI/AAAAAAAAAYc/SWHZThxZt0EO6Ch_aujfSi4UGYszTWlxwCLcBGAsYHQ/s640/image20.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

487081aeec2c30b74f0e7445ea097cbb460da77f5a5cffae1e335c1c89cbc781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image20.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 127053
x-xss-protection: 0
server: fife
etag: "v189"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:12 GMT

GET
H2 200 image2.png
1.bp.blogspot.com/-kx8eUlElDGA/Xku3Ma5_WmI/AAAAAAAAAYo/7KcDiLA9Plgk4j_ETWG7tsWxzjexP9WogCLcBGAsYHQ/s640/ 30 KB
30 KB 19ms
14ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-kx8eUlElDGA/Xku3Ma5_WmI/AAAAAAAAAYo/7KcDiLA9Plgk4j_ETWG7tsWxzjexP9WogCLcBGAsYHQ/s640/image2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0416627ce1dca94f674d4119fe5aefb867a44b60fcd49deadb6fdd7b9c9c5fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image2.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30455
x-xss-protection: 0
server: fife
etag: "v18b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:12 GMT

GET
H2 200 image23.jpg
1.bp.blogspot.com/-DUtLVD4V0Ig/Xku34kd6QCI/AAAAAAAAAYw/A3UAH8hfSiQXkuHM6NkLhKKPKx63zRL_wCLcBGAsYHQ/s640/ 16 KB
16 KB 18ms
14ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-DUtLVD4V0Ig/Xku34kd6QCI/AAAAAAAAAYw/A3UAH8hfSiQXkuHM6NkLhKKPKx63zRL_wCLcBGAsYHQ/s640/image23.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e76e72182f4f6b321f236e39a9bd64c80dc9459c5a89d70845538e52b782fafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image23.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16115
x-xss-protection: 0
server: fife
etag: "v18e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:13 GMT

GET
H2 200 image19.png
1.bp.blogspot.com/-ttM6NXUpEX8/Xku4DEvPkYI/AAAAAAAAAY0/5kUpCRrKnWIH-SJG2E0oYmrmH7orl-UNgCLcBGAsYHQ/s640/ 82 KB
82 KB 26ms
22ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ttM6NXUpEX8/Xku4DEvPkYI/AAAAAAAAAY0/5kUpCRrKnWIH-SJG2E0oYmrmH7orl-UNgCLcBGAsYHQ/s640/image19.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

80592c64c392e852756a0b951655be1cdfbb0bdbec1402bc4b91156924ba7773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image19.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84111
x-xss-protection: 0
server: fife
etag: "v190"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:13 GMT

GET
H2 200 image7.png
1.bp.blogspot.com/-dW8132Ef7bg/Xku4M_cO8iI/AAAAAAAAAY8/zLQMhxejrwY9zHdYmI3zfWgRF7_IymD_ACLcBGAsYHQ/s640/ 84 KB
85 KB 25ms
21ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dW8132Ef7bg/Xku4M_cO8iI/AAAAAAAAAY8/zLQMhxejrwY9zHdYmI3zfWgRF7_IymD_ACLcBGAsYHQ/s640/image7.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

67b234f4695714bc282c2d4cbcd7514edf0fe758c9c4bb873cd5a8232ee05cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image7.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 86517
x-xss-protection: 0
server: fife
etag: "v192"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:13 GMT

GET
H2 200 image6.png
1.bp.blogspot.com/-Ng58b_VRFzQ/Xku4YDqGNEI/AAAAAAAAAZE/DBgIoo3S5KYiN31sZt9QSU3XThVr8VyEACLcBGAsYHQ/s640/ 76 KB
76 KB 24ms
19ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Ng58b_VRFzQ/Xku4YDqGNEI/AAAAAAAAAZE/DBgIoo3S5KYiN31sZt9QSU3XThVr8VyEACLcBGAsYHQ/s640/image6.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e8e8761e1f722fc370dc9f3484c1e23be4c06be0f0ed5d577516aaf0c179dec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image6.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 77844
x-xss-protection: 0
server: fife
etag: "v193"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:13 GMT

GET
H2 200 image4.png
1.bp.blogspot.com/-XvQe9Veyk1w/Xku4rFCqkBI/AAAAAAAAAZQ/t-PkuHqqRMs46j6LKcBbuRx1e-vT5CUxwCLcBGAsYHQ/s640/ 38 KB
38 KB 23ms
18ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-XvQe9Veyk1w/Xku4rFCqkBI/AAAAAAAAAZQ/t-PkuHqqRMs46j6LKcBbuRx1e-vT5CUxwCLcBGAsYHQ/s640/image4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7c811ad76167dea3268f42bb56b18e89b519bc326c05ebd7e7c6bc993e9183fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image4.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38461
x-xss-protection: 0
server: fife
etag: "v196"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:13 GMT

GET
H2 200 image14.png
1.bp.blogspot.com/-xhIrBZgXIGM/Xku419kN8II/AAAAAAAAAZU/kqR-n91oKzMX6cF-Ojz4w3Gl7m7tDXbpQCLcBGAsYHQ/s640/ 36 KB
36 KB 22ms
18ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xhIrBZgXIGM/Xku419kN8II/AAAAAAAAAZU/kqR-n91oKzMX6cF-Ojz4w3Gl7m7tDXbpQCLcBGAsYHQ/s640/image14.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bad1b0db448c0b3b52b4ad21b8a17b8200b51c719689d6a5457d85087d4fd993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image14.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37081
x-xss-protection: 0
server: fife
etag: "v198"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:13 GMT

GET
H2 200 image24.png
1.bp.blogspot.com/-vFkKf_Rc7X8/Xku5B7hM8pI/AAAAAAAAAZc/TBBbCJ0-LrYwrRHd3gTTR-EnfTjkniv4QCLcBGAsYHQ/s640/ 43 KB
43 KB 21ms
17ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-vFkKf_Rc7X8/Xku5B7hM8pI/AAAAAAAAAZc/TBBbCJ0-LrYwrRHd3gTTR-EnfTjkniv4QCLcBGAsYHQ/s640/image24.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cc75743e30500df3656b7e0e48ded7e9796e0d9f2353f5183bf3ab3829055cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image24.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43679
x-xss-protection: 0
server: fife
etag: "v19a"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:13 GMT

GET
H2 200 image10.png
1.bp.blogspot.com/-qJbz0WqNHm0/Xku5KGcFyHI/AAAAAAAAAZk/eclaviCPb2oRBM5EWTXPFDIG8EptifxuQCLcBGAsYHQ/s1600/ 31 KB
31 KB 20ms
16ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-qJbz0WqNHm0/Xku5KGcFyHI/AAAAAAAAAZk/eclaviCPb2oRBM5EWTXPFDIG8EptifxuQCLcBGAsYHQ/s1600/image10.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9592ee00cf58b080c405caa22d076284c8fb874d984f40edef0c59f0bdb1d830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 17:44:16 GMT
x-content-type-options: nosniff
age: 1965
status: 200
content-disposition: inline;filename="image10.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31846
x-xss-protection: 0
server: fife
etag: "v19b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 Feb 2020 12:36:13 GMT

GET
H2 200 icon18_edit_allbkg.gif
img2.blogblog.com/img/ 162 B
491 B 53ms
7ms Image
image/gif 2a00:1450:4001:821::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 17:13:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 Feb 2020 17:23:34 GMT
server: sffe
age: 90228
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 162
x-xss-protection: 0
expires: Tue, 25 Feb 2020 17:13:13 GMT

GET
H2 200 icon_fb-share_grey.svg
www.talosintelligence.com/assets/ 851 B
637 B 79ms
42ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_fb-share_grey.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5753dfae9cdac414e27b1b74973e9041d76173a44fe2151bdecc03e13599da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68677
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: e978cfbc-a5bb-493d-abda-edd5f57b5e04
x-runtime: 0.002565
server: cloudflare
etag: W/"ba5753dfae9cdac414e27b1b74973e9041d76173a44fe2151bdecc03e13599da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c392c4b178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 icon_tw-share_grey.svg
www.talosintelligence.com/assets/ 1 KB
908 B 89ms
52ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_tw-share_grey.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f23e9081ad69daedd9c1e7c4cd22513ba3ac3160b3a032d55a307c91be730920

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68677
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: a01e71ea-b78c-4301-906e-a2889e5ee62a
x-runtime: 0.002467
server: cloudflare
etag: W/"f23e9081ad69daedd9c1e7c4cd22513ba3ac3160b3a032d55a307c91be730920"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c392c46178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 icon_re-share_grey.svg
www.talosintelligence.com/assets/ 3 KB
1 KB 74ms
37ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_re-share_grey.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb32319c8ca714cbddda23041581d8ebae13d6ad925913f5b26e1664d680d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68677
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: fb8929ea-7c4b-40d8-9632-c52e11d465b4
x-runtime: 0.002813
server: cloudflare
etag: W/"b0fb32319c8ca714cbddda23041581d8ebae13d6ad925913f5b26e1664d680d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c392c4a178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 icon_em-share_grey.svg
www.talosintelligence.com/assets/ 835 B
645 B 104ms
67ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_em-share_grey.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1179f7c2d10f3ea42022f84cca8cadf9cc17acb9d2e928c79961d753b5d89275

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68676
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: 65ab83c5-0b35-4e66-ad8a-060bfdf40a49
x-runtime: 0.002158
server: cloudflare
etag: W/"1179f7c2d10f3ea42022f84cca8cadf9cc17acb9d2e928c79961d753b5d89275"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c392c44178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 887538653-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 12 KB
12 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/887538653-comment_from_post_iframe.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced42c9b3db0678b5cce67b9797e6ec7c045da3309d13eda38663e91844ea48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 13 Feb 2020 23:31:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Feb 2020 21:26:24 GMT
server: sffe
age: 499506
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11990
x-xss-protection: 0
expires: Fri, 12 Feb 2021 23:31:55 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
613 B 15ms
11ms Image
image/png 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 04:29:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 Feb 2020 14:18:47 GMT
server: sffe
age: 49678
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 475
x-xss-protection: 0
expires: Wed, 26 Feb 2020 04:29:03 GMT

GET
H2 200 icon_rss_orange.svg
www.talosintelligence.com/assets/ 1 KB
883 B 66ms
30ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_rss_orange.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29ec20506c9a93aaf3444bd98e2ecd22fe41b085002c9cdf1b1e1f8c2dc931f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72794
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: 4f5264f8-3274-48ca-aa3d-e56ba2283b29
x-runtime: 0.002772
server: cloudflare
etag: W/"29ec20506c9a93aaf3444bd98e2ecd22fe41b085002c9cdf1b1e1f8c2dc931f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c392c49178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 icon_email_orange.svg
www.talosintelligence.com/assets/ 839 B
667 B 62ms
25ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_email_orange.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f352db86262c5cbe0af82f15f00b097c7bb8fae116d50cd615540970f03b3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68676
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: bc728138-2012-4790-b1d5-9e3591b3d5a7
x-runtime: 0.002621
server: cloudflare
etag: W/"3f352db86262c5cbe0af82f15f00b097c7bb8fae116d50cd615540970f03b3da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c392c45178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 footer_icon_tw.svg
www.talosintelligence.com/assets/ 1 KB
919 B 34ms
34ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/footer_icon_tw.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc0e96790d3264696a88a27c94294f32187c98547bcc5f0aaa422f8ddfb69dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68676
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: e5ec57d3-4245-49b6-b5cf-4b068118532e
x-runtime: 0.002447
server: cloudflare
etag: W/"bc0e96790d3264696a88a27c94294f32187c98547bcc5f0aaa422f8ddfb69dd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c395cdb178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 footer_icon_yt.svg
www.talosintelligence.com/assets/ 1 KB
797 B 43ms
43ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/footer_icon_yt.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b812952e2ecbdd529f7423a246bca7bdba383e2bb484730a7895dc884e87446c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68676
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: 20968cfa-25fc-4378-8b4b-c18f24ca7836
x-runtime: 0.006927
server: cloudflare
etag: W/"b812952e2ecbdd529f7423a246bca7bdba383e2bb484730a7895dc884e87446c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c396d10178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 footer_icon_li.svg
www.talosintelligence.com/assets/ 1013 B
896 B 33ms
33ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/footer_icon_li.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd0ddcd91a27b1c50c11176142adcf7f1f7bd4ab581b1f04518f681674889461

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68676
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: d6ca52c9-9b98-4257-8b1d-855d78f462d5
x-runtime: 0.003685
server: cloudflare
etag: W/"bd0ddcd91a27b1c50c11176142adcf7f1f7bd4ab581b1f04518f681674889461"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c397d18178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 logo_cisco_grey.svg
www.talosintelligence.com/assets/ 7 KB
2 KB 31ms
31ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/logo_cisco_grey.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26f5ea290915effad3bcafe2acabaad611aefc3a6ecee6fa50322de01686545c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68676
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: 72ca7a1f-e6b8-4039-9b86-a27b07bad9d8
x-runtime: 0.002017
server: cloudflare
etag: W/"26f5ea290915effad3bcafe2acabaad611aefc3a6ecee6fa50322de01686545c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c397d42178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 cookienotice.js Show response
blog.talosintelligence.com/js/ 6 KB
2 KB 78ms
75ms Script
text/javascript 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.talosintelligence.com/js/cookienotice.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 167700
status: 200
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 0
last-modified: Mon, 17 Feb 2020 18:15:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
cf-ray: 567a3c38fb6f178a-FRA
expires: Wed, 26 Feb 2020 18:17:01 GMT

GET
H2 200 2913858171-widgets.js Show response
www.blogger.com/static/v1/widgets/ 140 KB
52 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2913858171-widgets.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e568821d9f0cbdef3fab2c414be5281ca48fb751c67364350ebdebebaa6fcf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 23:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Feb 2020 22:07:19 GMT
server: sffe
age: 154020
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 52797
x-xss-protection: 0
expires: Tue, 16 Feb 2021 23:30:01 GMT

GET
H2 200 logo_cisco_white.svg
www.talosintelligence.com/assets/ 4 KB
1 KB 50ms
43ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/logo_cisco_white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d2405df2a95c974d5c0771e3a45b2dea1a2c2824cf6a917a605bf4a967c86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68676
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: 35a1b955-1340-49ff-b86e-b61e73951b42
x-runtime: 0.003244
server: cloudflare
etag: W/"e5d2405df2a95c974d5c0771e3a45b2dea1a2c2824cf6a917a605bf4a967c86d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c392c42178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono
Origin: https://blog.talosintelligence.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:12:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 2361886
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:12:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono
Origin: https://blog.talosintelligence.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 19:10:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2329590
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 22 Jan 2021 19:10:31 GMT

GET
H2 200 7cHrv4okm5zmbt6TDvs7wH8Dnzcj.woff2
fonts.gstatic.com/s/exo2/v7/ 14 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v7/7cHrv4okm5zmbt6TDvs7wH8Dnzcj.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64a6c8dff13dc643ac3093a429f0b2fc38df71f321707ee8cc12bd52dc9c6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono
Origin: https://blog.talosintelligence.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 19:34:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Sep 2019 20:42:34 GMT
server: sffe
age: 1291331
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14772
x-xss-protection: 0
expires: Wed, 03 Feb 2021 19:34:50 GMT

GET
H2 200 7cHmv4okm5zmbtYoK-4W4nIp.woff2
fonts.gstatic.com/s/exo2/v7/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v7/7cHmv4okm5zmbtYoK-4W4nIp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e1f19a7e29d14226024f5c7a3347a91f90aa24fb5079a2661bccf7655a02d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono
Origin: https://blog.talosintelligence.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 18 Jan 2020 01:28:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Sep 2019 20:42:49 GMT
server: sffe
age: 2825321
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14552
x-xss-protection: 0
expires: Sun, 17 Jan 2021 01:28:20 GMT

GET
H2 200 7cHrv4okm5zmbt7bCPs7wH8Dnzcj.woff2
fonts.gstatic.com/s/exo2/v7/ 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v7/7cHrv4okm5zmbt7bCPs7wH8Dnzcj.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5880a3ec5786106a403afe265075af7c97914adec4d5bd610edacc2cd07ef24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono
Origin: https://blog.talosintelligence.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 18 Jan 2020 01:07:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Sep 2019 20:42:52 GMT
server: sffe
age: 2826569
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14552
x-xss-protection: 0
expires: Sun, 17 Jan 2021 01:07:32 GMT

GET
H2 200 N0bX2SlFPv1weGeLZDtgJv7Ss9XZYQ.woff2
fonts.gstatic.com/s/firamono/v8/ 11 KB
11 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firamono/v8/N0bX2SlFPv1weGeLZDtgJv7Ss9XZYQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3fcb25354cf1e6fe068a6a83a9819574421125e1f475d0a4eac07aa912b4dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono
Origin: https://blog.talosintelligence.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 02:18:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:48:06 GMT
server: sffe
age: 1785535
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 29 Jan 2021 02:18:06 GMT

GET
H2

200

comment-iframe.g
www.blogger.com/ Frame F605
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=5332709553657170976&blogspotRpcToken=5636078
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D1029833275466591797%26postID%3D5332709553657170976%26blogspotRpcToken%3D5636078%26bpli%3D1&follow...
https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=5332709553657170976&blogspotRpcToken=5636078&bpli=1

0
0

190ms
190ms

Document
text/html

2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=5332709553657170976&blogspotRpcToken=5636078&bpli=1

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/887538653-comment_from_post_iframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /comment-iframe.g?blogID=1029833275466591797&postID=5332709553657170976&blogspotRpcToken=5636078&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 19 Feb 2020 18:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1743
server: GSE
set-cookie: S=blogger=s1szDINjAcbNoGMaQzM2wmtqHKe1u8DC; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 19 Feb 2020 18:17:02 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=1029833275466591797&postID=5332709553657170976&blogspotRpcToken=5636078&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-qg+QakYXrOdT7Ob4HwOv1A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 256
server: GSE
set-cookie: GAPS=1:TqlcQacxDbfZminajLt4ceN0f7fgcQ:VAzaQZUwikfM5FB1;Path=/;Expires=Fri, 18-Feb-2022 18:17:02 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 icon_search.svg
www.talosintelligence.com/assets/ 1 KB
723 B 34ms
34ms Image
image/svg+xml 2606:4700::6811:3b4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talosintelligence.com/assets/icon_search.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3b4c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ec2e33c88eec72d7050b474be41d3e79282421602d9120efc96d620b911c60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 18:17:01 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68676
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-request-id: 6ffa36d4-3518-4b78-a655-3482c1829193
x-runtime: 0.003551
server: cloudflare
etag: W/"1ec2e33c88eec72d7050b474be41d3e79282421602d9120efc96d620b911c60e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=60
cf-ray: 567a3c396cf4178a-FRA
expires: Wed, 19 Feb 2020 18:18:01 GMT

GET
H2 200 7cHrv4okm5zmbt6DCfs7wH8Dnzcj.woff2
fonts.gstatic.com/s/exo2/v7/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v7/7cHrv4okm5zmbt6DCfs7wH8Dnzcj.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24aaaace90646eb2bcba2bb7752bd66268e6e8643eaa2064c0da850d29256e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400|Exo+2:500,400,300,100,700|Fira+Mono
Origin: https://blog.talosintelligence.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 00:01:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Sep 2019 20:42:30 GMT
server: sffe
age: 497708
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14368
x-xss-protection: 0
expires: Sat, 13 Feb 2021 00:01:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6209
date: Wed, 19 Feb 2020 16:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 19 Feb 2020 18:33:32 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
114 B 571ms
570ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1029833275466591797&zx=f9409e05-9514-4807-be11-e47c6e392e3a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 19 Feb 2020 18:17:02 GMT
server: GSE
date: Wed, 19 Feb 2020 18:17:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=126655674&t=pageview&_s=1&dl=https%3A%2F%2Fblog.talosintelligence.com%2F2020%2F02%2Fbuilding-bypass-with-msbuild.html%3F_hsenc%3Dp2ANqtz--5Ge...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30016562-3&cid=62783340.1582136222&jid=731234295&_gid=1496389781.1582136222&gjid=1733190550&_v=j81&z=1359826068

35 B
102 B

14ms
14ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30016562-3&cid=62783340.1582136222&jid=731234295&_gid=1496389781.1582136222&gjid=1733190550&_v=j81&z=1359826068

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 19 Feb 2020 18:17:01 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Feb 2020 18:17:01 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30016562-3&cid=62783340.1582136222&jid=731234295&_gid=1496389781.1582136222&gjid=1733190550&_v=j81&z=1359826068
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.blogger.com/	1969-12-31 23:59:59	Name: S Value: blogger=s1szDINjAcbNoGMaQzM2wmtqHKe1u8DC

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/c/W6gpMd37kPB4hW1sBLTf7BLmMP0/N32hyMVXXRMyW7R-Whx85KstC0/5/f18dQhb0S8338Z99QFN59r2rlHyjJqVRYJF663BmrMN3hHhcNXL0jYVnQ9Qq8-ydbTW7Mcn0v4dNN-BW8W1JJt49krHrW8WBG_Z5mZ50NW58jf-C8XxZnCW5nDbFL30b0qzN4h_9myHBXg_W7qYg0b4fNtfrW75KQNZ6NtbTSVYSMLQ6G7FblW4DFfS36RrjzYN69Wb0qDLTkCW3zXP4k3KQrVsW8x14kw8n0wRSW6PkBj_2TxzYbW2gNM775PdpyGW4M16fr3SQhF6W2p3DX35t-Mf0W2xZQYJ1dBqv2W36pR8f2zSClDW42hmYk6ZY_JdW1HQYJ36PB4H9W8nGlh149kJ93W7Bp5bt3Cdk0dW3wv7Sm4bJcfNW2Rvxnj6ldTHsW2KCCGP1JkSWZW1xV7PD4J35SnW2N3DcQ5w3QzKW169fg05dN_WVW9302f15QkPXcW5vBYgk2ZqtjYN2dpqD7cTSRKVcSmDX6Wjslp102(Line 13) Message: toS
console-api	log	URL: https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html?_hsenc=p2ANqtz--5GelBBXhv6V37gvsu1gtghw8yRme6dBZ9ALljiIL5xQSMrfZQ0RfOy9P7ErfOsTMMHzjCv2JArFUUXMa6ED0MPmckow&_hsmi=83585063(Line 4993) Message: testing

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
accounts.google.com
blog.talosintelligence.com
fonts.googleapis.com
fonts.gstatic.com
img2.blogblog.com
info.silobreaker.com
resources.blogblog.com
stats.g.doubleclick.net
www.blogger.com
www.google-analytics.com
www.talosintelligence.com
2606:4700::6811:3b4c
2606:4700::6811:7db4
2a00:1450:4001:809::2009
2a00:1450:4001:80b::200e
2a00:1450:4001:819::2003
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2001
2a00:1450:4001:821::2009
2a00:1450:4001:824::200d
2a00:1450:400c:c00::9c
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0416627ce1dca94f674d4119fe5aefb867a44b60fcd49deadb6fdd7b9c9c5fdf
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07946aa14beed0e252d9d3d9352e6cf776212dac9cbf3def7a4d7b5f0554e378
1179f7c2d10f3ea42022f84cca8cadf9cc17acb9d2e928c79961d753b5d89275
1ec2e33c88eec72d7050b474be41d3e79282421602d9120efc96d620b911c60e
24aaaace90646eb2bcba2bb7752bd66268e6e8643eaa2064c0da850d29256e43
252715a48b1d172741e11030b6e805620794883d6534081a441402bf477ed7a2
26f5ea290915effad3bcafe2acabaad611aefc3a6ecee6fa50322de01686545c
29ec20506c9a93aaf3444bd98e2ecd22fe41b085002c9cdf1b1e1f8c2dc931f8
3f352db86262c5cbe0af82f15f00b097c7bb8fae116d50cd615540970f03b3da
459a4fcc636138264d5d1f044f24571257e1438948ac833e7a8ac87af8f18573
487081aeec2c30b74f0e7445ea097cbb460da77f5a5cffae1e335c1c89cbc781
4f4cb666814825ae53899ceb67a612bbbe773ae8c8d5957de1579d0a803eb7c9
51edda486902376b73da28df376694a01ee7124c22eade6ba992d24c71070639
5880a3ec5786106a403afe265075af7c97914adec4d5bd610edacc2cd07ef24b
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e568821d9f0cbdef3fab2c414be5281ca48fb751c67364350ebdebebaa6fcf8
67b234f4695714bc282c2d4cbcd7514edf0fe758c9c4bb873cd5a8232ee05cda
6e1f19a7e29d14226024f5c7a3347a91f90aa24fb5079a2661bccf7655a02d69
75ea37f0b11d6370e353247578091c66fc3ae6a6be27e6932b76d32a5b2cd3a6
7c811ad76167dea3268f42bb56b18e89b519bc326c05ebd7e7c6bc993e9183fd
80592c64c392e852756a0b951655be1cdfbb0bdbec1402bc4b91156924ba7773
8065844523ae0f7b0d2191b0d087ee3179cba0b6356082234081f3d0b2feccbc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9592ee00cf58b080c405caa22d076284c8fb874d984f40edef0c59f0bdb1d830
a65e629cebf7cadd25ec10af3b6753376c8e647ddeab4008527315a0ae082873
adf4bebb7e38a82cda79716b1af2430016e918481c5f37ad9d5dc43ab0052df4
b0fb32319c8ca714cbddda23041581d8ebae13d6ad925913f5b26e1664d680d5
b48d885fd43520848167f8a77f4910deae63a1ef74f51dac07be9c2367ce133e
b4e2f477f2e9fc887015e5e8be6cc14a48a7b3cfbdd2e07dc7457f2fd278fdca
b812952e2ecbdd529f7423a246bca7bdba383e2bb484730a7895dc884e87446c
ba5753dfae9cdac414e27b1b74973e9041d76173a44fe2151bdecc03e13599da
bad1b0db448c0b3b52b4ad21b8a17b8200b51c719689d6a5457d85087d4fd993
bc0e96790d3264696a88a27c94294f32187c98547bcc5f0aaa422f8ddfb69dd1
bd0ddcd91a27b1c50c11176142adcf7f1f7bd4ab581b1f04518f681674889461
bd4424ff4c90c9860cdfe22e34f2af008b62c5ae11840d7912be183e1db8e8b7
c22f0c026dbd314f0d8d829c3e8aaf13e6e9c4c3d65127900b5bc1a529411c86
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cc75743e30500df3656b7e0e48ded7e9796e0d9f2353f5183bf3ab3829055cd2
ced42c9b3db0678b5cce67b9797e6ec7c045da3309d13eda38663e91844ea48f
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d64a6c8dff13dc643ac3093a429f0b2fc38df71f321707ee8cc12bd52dc9c6b4
e16838a5484ab27d1800cc62cac561b4503ffebfa11fd4b116a5f9eff4bcb4c4
e1e2b40e2a910617d6e814ec22df7e52437bb6dc8fc0b6d6c75517455960708d
e5d2405df2a95c974d5c0771e3a45b2dea1a2c2824cf6a917a605bf4a967c86d
e76e72182f4f6b321f236e39a9bd64c80dc9459c5a89d70845538e52b782fafb
e8e8761e1f722fc370dc9f3484c1e23be4c06be0f0ed5d577516aaf0c179dec3
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f23e9081ad69daedd9c1e7c4cd22513ba3ac3160b3a032d55a307c91be730920
f3fcb25354cf1e6fe068a6a83a9819574421125e1f475d0a4eac07aa912b4dd4
fa3cf173967cdb9b805ecbdd85792899b5b6f09d5f2b593e3136f286b8280696
fb7c712befd9134921e69e20d35d317813e918d0eee0dc049504f42c5abbbbe4

blog.talosintelligence.com Open in urlscan Pro 2606:4700::6811:3b4c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

100 %IPv6

10 Domains

12 Subdomains

9 IPs

3 Countries

1944 kBTransfer

2266 kBSize

1 Cookies

111 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.talosintelligence.com Open in urlscan Pro
2606:4700::6811:3b4c Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

100 %
IPv6

10
Domains

12
Subdomains

9
IPs

3
Countries

1944 kB
Transfer

2266 kB
Size

1
Cookies

57 HTTP transactions
0 data transactions