urlscan.io logo urlscan.io
SecurityTrails logo

offsec.blog Open in urlscan Pro
104.198.102.227  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://offsec.blog/
Effective URL: https://offsec.blog/
Submission: On April 19 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 52 HTTP transactions. The main IP is 104.198.102.227, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is offsec.blog.
TLS certificate: Issued by R3 on April 3rd 2023. Valid for: 3 months.
This is the only time offsec.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 104.198.102.227 15169 (GOOGLE)
1 74.125.24.95 15169 (GOOGLE)
1 74.125.24.97 15169 (GOOGLE)
1 7 172.64.134.9 13335 (CLOUDFLAR...)
1 3 104.18.188.228 13335 (CLOUDFLAR...)
6 104.16.126.16 13335 (CLOUDFLAR...)
3 172.217.194.94 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 172.217.194.138 15169 (GOOGLE)
1 52.10.126.48 16509 (AMAZON-02)
1 54.192.16.30 16509 (AMAZON-02)
1 13.226.123.175 16509 (AMAZON-02)
52 13
28    104.198.102.227 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 227.102.198.104.bc.googleusercontent.com
offsec.blog
1    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
fonts.googleapis.com
1    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
www.googletagmanager.com
7    172.64.134.9 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.popt.in
display.popt.in
fonts.popt.in
app.popt.in
3    104.18.188.228 (None, )

ASN13335 (CLOUDFLARENET, US)
webforms.pipedrive.com
6    104.16.126.16 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.pdx-1.pipedriveassets.com
cdn.us-east-1.pipedriveassets.com
3    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    172.217.194.138 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f138.1e100.net
www.google-analytics.com
1    52.10.126.48 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-126-48.us-west-2.compute.amazonaws.com
tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws
1    54.192.16.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-16-30.hkg62.r.cloudfront.net
d3lopmpcew67el.cloudfront.net
1    13.226.123.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-123-175.hkg62.r.cloudfront.net
d362h7pxdteoyk.cloudfront.net
Apex Domain
Subdomains		 Transfer
28 offsec.blog
offsec.blog
6 MB
7 popt.in
cdn.popt.in — Cisco Umbrella Rank: 37490
display.popt.in — Cisco Umbrella Rank: 36977
fonts.popt.in — Cisco Umbrella Rank: 99702
app.popt.in — Cisco Umbrella Rank: 186127
70 KB
6 pipedriveassets.com
cdn.pdx-1.pipedriveassets.com
cdn.us-east-1.pipedriveassets.com — Cisco Umbrella Rank: 391452
190 KB
3 gstatic.com
fonts.gstatic.com
24 KB
3 pipedrive.com
webforms.pipedrive.com — Cisco Umbrella Rank: 421528
4 KB
2 cloudfront.net
d3lopmpcew67el.cloudfront.net
d362h7pxdteoyk.cloudfront.net
112 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
34 KB
1 on.aws
tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws — Cisco Umbrella Rank: 96950
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
251 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
78 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
917 B
52 11
Domain Requested by
28 offsec.blog 1 redirects offsec.blog
5 cdn.us-east-1.pipedriveassets.com webforms.pipedrive.com
cdn.us-east-1.pipedriveassets.com
4 cdn.popt.in offsec.blog
cdnjs.cloudflare.com
3 fonts.gstatic.com fonts.googleapis.com
3 webforms.pipedrive.com 1 redirects webforms.pipedrive.com
cdn.us-east-1.pipedriveassets.com
2 cdnjs.cloudflare.com cdn.popt.in
cdnjs.cloudflare.com
1 app.popt.in
1 d362h7pxdteoyk.cloudfront.net tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws
1 d3lopmpcew67el.cloudfront.net cdnjs.cloudflare.com
1 tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws offsec.blog
1 fonts.popt.in 1 redirects
1 display.popt.in cdnjs.cloudflare.com
1 www.google-analytics.com www.googletagmanager.com
1 cdn.pdx-1.pipedriveassets.com offsec.blog
1 www.googletagmanager.com offsec.blog
1 fonts.googleapis.com offsec.blog
52 16

This site contains links to these domains. Also see Links.

Domain
securit360.com
Subject Issuer Validity Valid
offsec.blog
R3		 2023-04-03 -
2023-07-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
pipedrive.com
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
pipedriveassets.com
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://offsec.blog/
Frame ID: 98C836C7FEBD00585E1DD1C694BB4F65
Requests: 46 HTTP requests in this frame

Frame: https://webforms.pipedrive.com/f/310d3oGc1q40yBe6BNpP2gK97KtIG4y8TaIX28CFCoAoX5mzOZYOutYEHrUelaMoz?embeded=1&uuid=idgkqzid
Frame ID: FD1051BF9B4B4DD4A510248FB447FD4E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Offensive Security Blog - SecurIT360 -

Page URL History Show full URLs

  1. http://offsec.blog/ HTTP 301
    https://offsec.blog/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

52
Requests

96 %
HTTPS

0 %
IPv6

11
Domains

16
Subdomains

13
IPs

2
Countries

7019 kB
Transfer

8475 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://offsec.blog/ HTTP 301
    https://offsec.blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://webforms.pipedrive.com/f/loader HTTP 303
  • https://cdn.pdx-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/loader.min.js?v=99886631bd_6038
Request Chain 37
  • https://fonts.popt.in/?family=Poppins&display=swap HTTP 302
  • https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/?family=Poppins&display=swap

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offsec.blog/
Redirect Chain
  • http://offsec.blog/
  • https://offsec.blog/
113 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
f42db766b5c0335c1517b64ddfb068da3f9c43a69a68bd64f81f71104305369b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 19 Apr 2023 18:41:07 GMT
link
<https://offsec.blog/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 3
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 19 Apr 2023 18:41:06 GMT
Keep-Alive
timeout=20
Location
https://offsec.blog/
Server
nginx
style-blocks.build.css
offsec.blog/wp-content/plugins/genesis-blocks/dist/ 		44 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/plugins/genesis-blocks/dist/style-blocks.build.css?ver=1675730260
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c13d111f83f3dcfbdf19aa05f44ca2a6f69e1f9c5e802251d5b0d6e9b32aaea7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Tue, 07 Feb 2023 00:37:40 GMT
server
nginx
etag
W/"63e19d54-b1a9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
offsec.blog/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Fri, 11 Nov 2022 14:56:45 GMT
server
nginx
etag
W/"636e62ad-172a9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
classic-themes.min.css
offsec.blog/wp-includes/css/ 		217 B
366 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Tue, 25 Oct 2022 13:45:16 GMT
server
nginx
etag
W/"6357e86c-d9"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		4 KB
917 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600&subset=latin%2Clatin-ext
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
dc4a2ffe656287d3da5274bce2a83c5a13c3c3e2428fcecfccd1405862e18c01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 18:41:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Apr 2023 18:41:08 GMT
blocks.css
offsec.blog/wp-content/themes/alaska-blog/assets/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/themes/alaska-blog/assets/css/blocks.css?ver=6.1.1
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4621c930c95d9ed81fe2f154f3333511735d0f6db5447013da622e0083eec1af

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Thu, 28 Apr 2022 17:07:27 GMT
server
nginx
etag
W/"626ac9cf-24e4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
offsec.blog/wp-content/themes/alaska-blog/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/themes/alaska-blog/style.css?ver=6.1.1
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf1ad2853b092223e88d08ef27b01ec40e5af7d6462e5bba6ca81607c6be78a1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Thu, 05 May 2022 15:45:49 GMT
server
nginx
etag
W/"6273f12d-d7b6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
tlpteam.css
offsec.blog/wp-content/plugins/tlp-team/assets/css/ 		164 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/plugins/tlp-team/assets/css/tlpteam.css?ver=4.3.2
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
66ad0477248f341876ef604206881029f8fdf5db5e4714773116fd9e7feed655

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Wed, 19 Apr 2023 12:33:31 GMT
server
nginx
etag
W/"643fdf9b-28eca"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
team-sc.css
offsec.blog/wp-content/uploads/tlp-team/ 		5 KB
1013 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/uploads/tlp-team/team-sc.css?ver=1657210120
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
485ec5f79babe699112bdfd3d5dc3df6933043e709194efacbaa198d92ad29f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Thu, 07 Jul 2022 16:08:40 GMT
server
nginx
etag
W/"62c70508-135a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
offsec.blog/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
server
nginx
etag
W/"632879b8-15e54"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
offsec.blog/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ 		224 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3JNWWDHWSC
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
041765141b29baaaa6d6b8d3d5ba11f9493d9ab500ed03c658100979bc467ee5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79863
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 19 Apr 2023 18:41:09 GMT
pixel.js
cdn.popt.in/ 		221 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.popt.in/pixel.js?id=6422e6f45c3f0
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52f8e951ff8d0ef447f9f7da1d5bcbba721d2a8498cfcc02e15a15114d5080f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:09 GMT
x-amz-version-id
YHQo.Bp4aVHv5K3ryANGHhG68KcNQEg1
via
1.1 740fccc7c62d49696904618862f889f8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN52-P1
age
5518
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Apr 2023 11:07:27 GMT
server
cloudflare
etag
W/"372e4c5e29719a414f3c039ac5708ebd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmpyN5Nv9ANh4YiyKbeQBhUx056adkES3s08hjvEWEV7LljneAB4dkmAGw%2Bvq1YFlx2nMuABRjWhQ4L%2F%2FlEOtCE%2Fp1owTy0n4SpInGbOANOoDIHp2l0jquB3VuYMSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
7ba747b10c85403b-SIN
x-amz-cf-id
az362MjRl1zwwmo9eOJEhTZ99wMGRApEfkf90ksFIxm4BmtKr2kJHA==
cropped-YoutubeBanner.png
offsec.blog/wp-content/uploads/2022/05/ 		760 KB
761 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offsec.blog/wp-content/uploads/2022/05/cropped-YoutubeBanner.png
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7e01e536b0a029328aec3536ad7ddea5e02751c30b8e47b312a094d363d5e878

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
last-modified
Wed, 04 May 2022 23:39:13 GMT
server
nginx
etag
"62730ea1-be0fa"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
778490
Offensive-Security-Testing-Part-5-Wireless-Pentesting.png
offsec.blog/wp-content/uploads/2023/04/ 		988 KB
990 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offsec.blog/wp-content/uploads/2023/04/Offensive-Security-Testing-Part-5-Wireless-Pentesting.png
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4ab3250ee6fa4c39a4d0c6253c23c3926c147af1ce93cf947624fab19a1de818

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
last-modified
Wed, 12 Apr 2023 01:22:22 GMT
server
nginx
etag
"643607ce-f716c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1012076
loader.min.js
cdn.pdx-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/
Redirect Chain
  • https://webforms.pipedrive.com/f/loader
  • https://cdn.pdx-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/loader.min.js?v=99886631bd_6038
35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdx-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/loader.min.js?v=99886631bd_6038
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Server
104.16.126.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96453ea6ee53a6316f0256568b682887d81e1324e3b3d4bff03c2f04f4657b1f
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
age
120938
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 18 Apr 2023 06:29:45 GMT
server
cloudflare
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-download-options
noopen
cache-control
public, max-age=31536000
cf-ray
7ba747b81ee4a94a-SYD

Redirect headers

date
Wed, 19 Apr 2023 18:41:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-correlation-id
6fc7ce37-2d38-443d-9671-b17ec1ce1529
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
server
cloudflare
expect-ct
max-age=0
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
x-download-options
noopen
location
https://cdn.pdx-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/loader.min.js?v=99886631bd_6038
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
cache-control
no-cache
badi
Routing: pdx-1=>pdx-1; Version: 50bd; Host: 6dd896455d-lrwk5;
cf-ray
7ba747af2ff5aaf5-SYD
dismiss.js
offsec.blog/wp-content/plugins/genesis-blocks/dist/assets/js/ 		923 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/plugins/genesis-blocks/dist/assets/js/dismiss.js?ver=1675730260
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ab326900e21f10d902070c93ca7824fb7f14e0901179b86631421e6bc4aaf257

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Tue, 07 Feb 2023 00:37:40 GMT
server
nginx
etag
W/"63e19d54-39b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
skip-link-focus-fix.js
offsec.blog/wp-content/themes/alaska-blog/assets/js/ 		716 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/themes/alaska-blog/assets/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
93c964e1bd5719c525c73073cf64f4c2b03dd6d4fa846d5bce3142596b3f1e97

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Thu, 28 Apr 2022 17:07:27 GMT
server
nginx
etag
W/"626ac9cf-2cc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
navigation.js
offsec.blog/wp-content/themes/alaska-blog/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/themes/alaska-blog/assets/js/navigation.js?ver=1.0
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
cde3f2c9881c5a64bafceb547c61a1da10811e0706d1e3d77c4efb29fb057986

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Thu, 28 Apr 2022 17:07:27 GMT
server
nginx
etag
W/"626ac9cf-e92"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
imagesloaded.min.js
offsec.blog/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
nginx
etag
W/"5ee520a7-15fd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
packery.pkgd.js
offsec.blog/wp-content/themes/alaska-blog/assets/js/ 		87 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/themes/alaska-blog/assets/js/packery.pkgd.js?ver=v2.1.2
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
cffafcd449b12a449e89b26dbf55fb41f6290ddad8eb232ffdeb24ff610b7861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Thu, 28 Apr 2022 17:07:28 GMT
server
nginx
etag
W/"626ac9d0-15a99"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
custom.js
offsec.blog/wp-content/themes/alaska-blog/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/themes/alaska-blog/assets/js/custom.js?ver=20151215
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
1776a51e7a660c6111335862e263f82cb7c62c6bdeebfba694f4fbca37afd0e3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Thu, 28 Apr 2022 17:07:27 GMT
server
nginx
etag
W/"626ac9cf-d14"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-emoji-release.min.js
offsec.blog/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
content-encoding
br
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
server
nginx
etag
W/"62551487-48b9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offsec.blog
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 07:26:06 GMT
x-content-type-options
nosniff
age
126903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 07:26:06 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offsec.blog
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:26:51 GMT
x-content-type-options
nosniff
age
18858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Apr 2024 13:26:51 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offsec.blog
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 10:37:57 GMT
x-content-type-options
nosniff
age
28992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Apr 2024 10:37:57 GMT
Pentest.png
offsec.blog/wp-content/uploads/2023/04/ 		705 KB
706 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offsec.blog/wp-content/uploads/2023/04/Pentest.png
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b56276e510059308f76fd748c4c9a18e6cf1adc9046433559e551bc4fbd1b7cc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
last-modified
Mon, 10 Apr 2023 12:06:18 GMT
server
nginx
etag
"6433fbba-b0555"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
722261
Getting-into-pentesting-without-an-it-background.png
offsec.blog/wp-content/uploads/2023/04/ 		862 KB
863 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offsec.blog/wp-content/uploads/2023/04/Getting-into-pentesting-without-an-it-background.png
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
01a11cff49a32e9144967967900fd451df8c4825b31f1b4ebf3c69e992891116

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:08 GMT
last-modified
Tue, 04 Apr 2023 17:10:43 GMT
server
nginx
etag
"642c5a13-d76ea"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
882410
web-3.0.png
offsec.blog/wp-content/uploads/2023/03/ 		610 KB
611 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offsec.blog/wp-content/uploads/2023/03/web-3.0.png
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e117f148d15b83bb927cc0ec0880a352a7186e41c648500070c498c42a9a4bfa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:09 GMT
last-modified
Wed, 22 Mar 2023 12:51:20 GMT
server
nginx
etag
"641af9c8-987d4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
624596
NEW-EPISODE.png
offsec.blog/wp-content/uploads/2023/03/ 		745 KB
746 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offsec.blog/wp-content/uploads/2023/03/NEW-EPISODE.png
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
554df8cfcada2e6eea1bc43a678cf79b090c73c8e10a37a24aa65319557ed077

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:09 GMT
last-modified
Wed, 22 Mar 2023 12:13:25 GMT
server
nginx
etag
"641af0e5-ba438"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
762936
lastpass-new.png
offsec.blog/wp-content/uploads/2023/02/ 		959 KB
960 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offsec.blog/wp-content/uploads/2023/02/lastpass-new.png
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
45ba13a1dabf105c04d14ca4e2712ff1a451ce30caec8a08472a397cd3979ebe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:09 GMT
last-modified
Wed, 01 Mar 2023 03:01:34 GMT
server
nginx
etag
"63fec00e-efa3a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
981562
Criticalthumbnail.png
offsec.blog/wp-content/uploads/2023/02/ 		713 KB
714 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offsec.blog/wp-content/uploads/2023/02/Criticalthumbnail.png
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d47d457a382f35012ee30078b7bb25d93aac910602de03c6276ab55d0f9a57fd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:09 GMT
last-modified
Tue, 21 Feb 2023 20:49:40 GMT
server
nginx
etag
"63f52e64-b24f6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
730358
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Requested by
Host: cdn.popt.in
URL: https://cdn.popt.in/pixel.js?id=6422e6f45c3f0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2348777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27964
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15d95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQoi8JIrvYX647oZW9LISgbMflYWOgM%2BYMJ5%2BvWToUmYpOLf1bpqhjoOk%2Fz6yPDN2gMNFsw7q%2BpXGGXIYMk3q8d%2Bkv4Izo65APk%2BOkcaJFtzPvO3%2BZd03JwHRTwc5j5IN4fzQGVw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba747b4de3ba831-SYD
expires
Mon, 08 Apr 2024 18:41:09 GMT
collect
www.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3JNWWDHWSC&gtm=45je34c0&_p=1163328204&cid=614578834.1681929670&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681929669&sct=1&seg=0&dl=https%3A%2F%2Foffsec.blog%2F&dt=Offensive%20Security%20Blog%20-%20SecurIT360%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3JNWWDHWSC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 18:41:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offsec.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vKaATHjmd9XhcWChNfr5.php
offsec.blog/wp-content/plugins/confection/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/plugins/confection/vKaATHjmd9XhcWChNfr5.php?&event=pageviewBatch&account_id=30914&uuid=02000203-1229-4504-bc0a-5759fd410c43&value=%7B%22url%22%3A%22https%3A%2F%2Foffsec.blog%2F%22%2C%22title%22%3A%22Offensive%20Security%20Blog%20-%20SecurIT360%20-%22%2C%22language%22%3A%22en-US%22%2C%22device%22%3A%22desktop%22%7D&domain=offsec.blog
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:11 GMT
x-cache-group
normal
x-cacheable
SHORT
server
nginx
x-powered-by
WP Engine
vary
Accept-Encoding,Cookie
x-cache
MISS
content-type
text/html; charset=UTF-8
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
content-length
0
310d3oGc1q40yBe6BNpP2gK97KtIG4y8TaIX28CFCoAoX5mzOZYOutYEHrUelaMoz
webforms.pipedrive.com/f/ Frame FD10 		2 KB
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://webforms.pipedrive.com/f/310d3oGc1q40yBe6BNpP2gK97KtIG4y8TaIX28CFCoAoX5mzOZYOutYEHrUelaMoz?embeded=1&uuid=idgkqzid
Requested by
Host: webforms.pipedrive.com
URL: https://webforms.pipedrive.com/f/loader
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.188.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3b4dcd7d61b0e3f096e69ca4756b647d231353279dc4dc9bf6ea2fc9625c632
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0, 1; mode=block 1; mode=block

Request headers

Referer
https://offsec.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
badi
Routing: pdx-1=>us-east-1; Version: 50bd; Host: 6dd896455d-cssrk;
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7ba747b90bb3aaf5-SYD
content-encoding
br
content-type
text/html
date
Wed, 19 Apr 2023 18:41:11 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-correlation-id
83a878de-8249-4ddf-badf-8b5a08cec856
x-dns-prefetch-control
off
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
0, 1; mode=block 1; mode=block
6422e6f45c3f0
display.popt.in/APIRequest/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.popt.in/APIRequest/6422e6f45c3f0?domain=https%3A%2F%2Foffsec.blog%2F&referrer=&previous_url=&cookies=poptin_old_user%3Dtrue%20poptin_user_id%3D0.4ihmdgtdlxe%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=Offensive%20Security%20Blog%20-%20SecurIT360%20-&origin_landing_page=https%3A%2F%2Foffsec.blog%2F&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Foffsec.blog%2F&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70a60856e6083d017f93f6df73387ca59f5c97e1b2e0d4761c3a6c4f80ed15f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://offsec.blog/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:11 GMT
content-security-policy
frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FIlSh1J4KYHtsLWu2IRcOHhOfx4Db9ZO5odH4zSPi%2FWsKgsShQI%2FN7BgXqSdUzOeM7QN1wiAOPBtfUGmoktNBvP%2F3qWg3qLgacx7s5yWQzsbmId9xElfdFUhX4qe3I7PYA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials
true
cf-ray
7ba747bbfa9b87cf-SIN
access-control-allow-headers
Origin, Content-Type
expires
Fri, 01 Jan 1990 00:00:00 GMT
app.min.js
cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/ Frame FD10 		436 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/app.min.js?v=99886631bd_6038
Requested by
Host: webforms.pipedrive.com
URL: https://webforms.pipedrive.com/f/310d3oGc1q40yBe6BNpP2gK97KtIG4y8TaIX28CFCoAoX5mzOZYOutYEHrUelaMoz?embeded=1&uuid=idgkqzid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a62812d8b6c54af19f96276edb7b51353ecc2946978b65d1c332e7f09cd6d90
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
age
119208
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 18 Apr 2023 06:29:45 GMT
server
cloudflare
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-download-options
noopen
cache-control
public, max-age=31536000
cf-ray
7ba747bd2a95a94a-SYD
/
tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/
Redirect Chain
  • https://fonts.popt.in/?family=Poppins&display=swap
  • https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/?family=Poppins&display=swap
1015 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/?family=Poppins&display=swap
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
HTTP/1.1
Server
52.10.126.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-126-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
8503bb1f3969798a88dce37ee7f38979711dfd7495f5b8dafd66a19ff24e2d15

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 18:41:12 GMT
x-amzn-Remapped-host
fonts.popt.in
Connection
keep-alive
x-amzn-RequestId
5e27d285-b766-4417-bf4c-65ecc1c441b8
Content-Length
1015
X-Amzn-Trace-Id
root=1-644035c8-3c4fd35615a35d397ddcd2a5;sampled=0;lineage=013914a9:0
Content-Type
text/css; charset=utf-8

Redirect headers

date
Wed, 19 Apr 2023 18:41:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDVW1ENKTG%2BtZuo5yjqHitxsXRMZ%2Flt6gPaXB4EQ27JP9KWcvTSmtIyMEQ5ZBK4NIU7LMWvwyzTHs899jKn9hI1xH8lyA9wZPq0z9GyonjYB40o%2FUZnmeJK%2B36uuE36k"}],"group":"cf-nel","max_age":604800}
location
https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws?family=Poppins&display=swap
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7ba747bf09bd403b-SIN
expires
Thu, 01 Jan 1970 00:00:01 GMT
heb-fonts.min.css
cdn.popt.in/css/ 		22 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.popt.in/css/heb-fonts.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:11 GMT
x-amz-version-id
qXd_m_chdhWvR5DNrvI834tklGtnWkb9
via
1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN52-C2
age
113597
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 12 Sep 2018 18:05:20 GMT
server
cloudflare
etag
W/"fb58ef8ec15444a0d0cf977973d4f824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fulO5Gxjtpdmf7QRvJMfCKd%2FGBTCpwEYjA4PUHyr2uPtYrT7OmbiCxxyChzS4PXT5V5BaoVfsNV1CyFk%2BkdyiwYbuya%2FQWMh%2Fhcjx4tVYR3e7vRgvFkKmZE4nIaXrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=30672000
cf-ray
7ba747bf09b6403b-SIN
x-amz-cf-id
VumJKOs_iFTPnIHjVQ38_roN2cb60YtJZ8g9jyXtWqUOCpDHZvLZaA==
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2922967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzvItdThexfDAkQ%2FAG7jUJRtU0zjXS0Nlw2cOk72I3Sk4R%2B%2BKt6wabbKAe4oPRF%2FyNPvKnDB69eKlEQTmzwMy%2B2VT%2FF8GV86tygGQyWom03U6fsqjdyR70guXwRavK%2FYfT2BAV6R"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba747beba43a831-SYD
expires
Mon, 08 Apr 2024 18:41:11 GMT
poptin-style-en.css
cdn.popt.in/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.popt.in/css/poptin-style-en.css?ver=10
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
380833de27ae130eb2f99b6cf44c809acb17014a836387fc3e842f91376c370e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:11 GMT
x-amz-version-id
UMR67688ddvQLOsKGtxKswujng8gwT6t
via
1.1 52ebaefa6642b86af14a5a485b003264.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
TPE52-C1
age
5422
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Apr 2023 11:07:27 GMT
server
cloudflare
etag
W/"bb382500b6f5a63e19ea2efc3dcde325"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FL6LP%2B%2F98Pc4acNo48I7fo3EeoCGkRGhaKNWhUWkCh9g8u2eSrqna7y6J5vpGjc9ivjHgAirSIicL%2BQKm8hsA%2FMjgfMxL4vXURCHvmmwkkZjjDOaY2R0rpEMNGlMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
7ba747bf09b5403b-SIN
x-amz-cf-id
K5HMgYeOC1y0ODArWDGW2KQ8r_XpBYMwURhf-9jmCmesLfXMSxi1aw==
poptin-animations.css
cdn.popt.in/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.popt.in/css/poptin-animations.css?ver=10
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310f7d360d659a851c73aa97dcb6031bf45c659cc822b13e947683c5689619f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:11 GMT
x-amz-version-id
ITLCO4kwC1lxZLx7qhbjzryNA1i_Z1xv
via
1.1 b598b8a5bdf8fe34b02ce70cdf18414c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
TPE52-C1
age
5085
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Apr 2023 11:07:27 GMT
server
cloudflare
etag
W/"407750e10b819ae6ef75e726fcd79341"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryXVrxkN%2B3CMk9o8qco4zeG6UNf%2BtJ%2BInFzApPp%2FnPZV0%2FCpHwtsfHdDPnp3v6NmdlCk5zwhzIMrFL88MPs1W9HpqSgy%2FjUZTBTUCU6ock9UoSxBC6nFaL0VDlh6mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
7ba747bf09b8403b-SIN
x-amz-cf-id
h4IPN1PrVD7r2kl03wLhHgtnS0l0MlxUjTGf3nBcgOaxNW_-wNbRqw==
account_622052c23e74f_poptin_70e1def543369_2022-10-18_23-32-23_version_3.html
d3lopmpcew67el.cloudfront.net/client_6422e6f45c3f0/ 		154 KB
104 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3lopmpcew67el.cloudfront.net/client_6422e6f45c3f0/account_622052c23e74f_poptin_70e1def543369_2022-10-18_23-32-23_version_3.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.16.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-16-30.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4621432ba24fd2aebaa67282697dbd1248dd9aa8ec6b8b40c033932fba10de5a

Request headers

Accept
*/*
Referer
https://offsec.blog/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:13 GMT
x-amz-version-id
1tIy7ndo3K35ES8fm7jN990gcCxsu4py
content-encoding
gzip
via
1.1 79e5bd56174a0ac9fbc66556743812d6.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG62-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 01 Feb 2023 16:20:35 GMT
server
AmazonS3
etag
W/"ff59364233e158b7b4dc0a4549ba7b6e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
UNTFwjuw_NUq_cP3Ga5PRh-JuBWlW69KqLWIa9jqHCXZ-MU2Pkj4Bw==
400.css
cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/node_modules/@fontsource/open-sans/ Frame FD10 		3 KB
695 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/node_modules/@fontsource/open-sans/400.css
Requested by
Host: cdn.us-east-1.pipedriveassets.com
URL: https://cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/app.min.js?v=99886631bd_6038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0ac1ee2affd64c512967d22b9c2a48096ec98cbfe6bac9fa0cbcd01fa76a05
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
age
13131679
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 18 Nov 2022 16:03:34 GMT
server
cloudflare
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-download-options
noopen
cache-control
public, max-age=31536000
cf-ray
7ba747bf9c33a94a-SYD
600.css
cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/node_modules/@fontsource/open-sans/ Frame FD10 		3 KB
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/node_modules/@fontsource/open-sans/600.css
Requested by
Host: cdn.us-east-1.pipedriveassets.com
URL: https://cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/app.min.js?v=99886631bd_6038
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12728c6bd9e9ad57b685bd51d96303b6ac08a4071613a19ed49120f74f1efcf6
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
age
13131679
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 18 Nov 2022 16:03:34 GMT
server
cloudflare
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-download-options
noopen
cache-control
public, max-age=31536000
cf-ray
7ba747bf9c32a94a-SYD
definition
webforms.pipedrive.com/f/310d3oGc1q40yBe6BNpP2gK97KtIG4y8TaIX28CFCoAoX5mzOZYOutYEHrUelaMoz/ Frame FD10 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://webforms.pipedrive.com/f/310d3oGc1q40yBe6BNpP2gK97KtIG4y8TaIX28CFCoAoX5mzOZYOutYEHrUelaMoz/definition
Requested by
Host: cdn.us-east-1.pipedriveassets.com
URL: https://cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/app.min.js?v=99886631bd_6038
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.188.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
832a4f3b8d7661994fd77a6bcc322e81e76a5e4a9de996cbc59da5f29e9bac6f
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block, 1; mode=block

Request headers

x-public-token
webform-310d3oGc1q40yBe6BNpP2gK97KtIG4y8TaIX28CFCoAoX5mzOZYOutYEHrUelaMoz
Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-correlation-id
69b36c27-06f3-4aa9-a494-8eabd87dda37
cf-cache-status
DYNAMIC
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0, 1; mode=block, 1; mode=block
referrer-policy
no-referrer
server
cloudflare
expect-ct
max-age=0
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
cache-control
no-cache
badi
Routing: pdx-1=>us-east-1; Version: 50bd; Host: 6dd896455d-665v8;
cf-ray
7ba747bf9c7adfb5-SYD
x-download-options
noopen
vKaATHjmd9XhcWChNfr5.php
offsec.blog/wp-content/plugins/confection/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://offsec.blog/wp-content/plugins/confection/vKaATHjmd9XhcWChNfr5.php?&event=loadtime&account_id=30914&uuid=02000203-1229-4504-bc0a-5759fd410c43&value=4.059&domain=offsec.blog
Requested by
Host: offsec.blog
URL: https://offsec.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.227 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.102.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:13 GMT
x-cache-group
normal
x-cacheable
SHORT
server
nginx
x-powered-by
WP Engine
vary
Accept-Encoding,Cookie
x-cache
MISS
content-type
text/html; charset=UTF-8
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
content-length
0
pxiEyp8kv8JHgFVrJJfecg.woff2
d362h7pxdteoyk.cloudfront.net/fonts/poppins/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d362h7pxdteoyk.cloudfront.net/fonts/poppins/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws
URL: https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.123.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-123-175.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

Referer
https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/
Origin
https://offsec.blog
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 11:16:31 GMT
via
1.1 abb12b0f5c7d761186642cc265dbdd32.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG62-C1
age
26683
x-cache
Hit from cloudfront
content-length
7884
last-modified
Wed, 14 Dec 2022 11:49:37 GMT
server
AmazonS3
etag
"9212f6f9860f9fc6c69b02fedf6db8c3"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
YfUwZiNxuP8wrTnyYLR3NduZAU-Ze7livXacjhaS83gvme6ua1lhpg==
open-sans-latin-400-normal.woff2
cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/node_modules/@fontsource/open-sans/files/ Frame FD10 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/node_modules/@fontsource/open-sans/files/open-sans-latin-400-normal.woff2
Requested by
Host: cdn.us-east-1.pipedriveassets.com
URL: https://cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/node_modules/@fontsource/open-sans/400.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.126.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://webforms.pipedrive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
age
13131709
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16740
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 18 Nov 2022 16:03:35 GMT
server
cloudflare
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
x-download-options
noopen
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7ba747c978f5a871-SYD
open-sans-latin-600-normal.woff2
cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/node_modules/@fontsource/open-sans/files/ Frame FD10 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/node_modules/@fontsource/open-sans/files/open-sans-latin-600-normal.woff2
Requested by
Host: cdn.us-east-1.pipedriveassets.com
URL: https://cdn.us-east-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/node_modules/@fontsource/open-sans/600.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.126.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://webforms.pipedrive.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
age
13131709
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16756
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 18 Nov 2022 16:03:35 GMT
server
cloudflare
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
x-download-options
noopen
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7ba747c978f6a871-SYD
credit-new.png
app.popt.in/css/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.popt.in/css/images/credit-new.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f0594214c4c47b10f7895a3ac0e1f73faccbf22bf1f9279d25ce08169a275d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://offsec.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:41:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5971
x-xss-protection
1; mode=block
last-modified
Tue, 18 Apr 2023 11:04:24 GMT
server
cloudflare
etag
"643e7938-1753"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq9tbhUJUPC49FO74cjqe%2FkCJW0JVyvhp8wF7NoiWrK9wTpqJwAWivJDHv9iBoAOZycDJZFqpgh7rfmET3RAM2sGklnxsmd42Zisl14umU6opXoajhiweHb61VQ%2Fmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7ba747ccbe6d403b-SIN
truncated
/ 		98 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f704a9af2f8efb3569d2c66e77c0b580ceb176d7c6a5d3bf0852f77177eaf9c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| twemoji object| wp object| appConfigChunkLoadingGlobal boolean| pixelAdded boolean| poptin_loadcontrol_fix boolean| poptin_disable_fa boolean| poptin_disable_localstorage boolean| poptin_single_page_app boolean| landing_page_teaser_on object| upgrade_popup_setting object| previous_url_spa object| poptinTimeDelayTrigger boolean| poptinExitPopupShown boolean| poptin_display_trigger number| updateClockInterval function| jQ224 object| poptinSubmitted function| poptinVisible function| onpoptinClose function| onpoptinSubmit boolean| poptinStarted function| runPoptinNow function| runPoptinNowStart function| pageLoadCheck boolean| isPoptinLandingPage boolean| poptinAfterPageLoad function| closePoptinOnXclick function| closeTabPoptinOnXclick function| poptin_display function| poptin_display_form function| closePoptin function| PoptinQueue function| poptinClientLimitLogStatus function| closeUpgradePopup function| poptinUpgradeDontRemindMe function| poptinUpgradeRemindMe function| poptinUpgradePopupClick object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| cookies string| relevent_cookie string| poptin_viewed_session number| poptin_once string| ap_triggers object| loader function| genesisBlocksShare object| alaska_blog_l10n function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Packery string| confection_url number| confection_account_id object| confection string| winie string| font_link string| poptin_style

13 Cookies

Domain/Path Name / Value
offsec.blog/ Name: poptin_old_user
Value: true
offsec.blog/ Name: poptin_user_id
Value: 0.4ihmdgtdlxe
.offsec.blog/ Name: _ga_3JNWWDHWSC
Value: GS1.1.1681929669.1.0.1681929669.0.0.0
.offsec.blog/ Name: _ga
Value: GA1.1.614578834.1681929670
.pipedrive.com/ Name: __cf_bm
Value: bMYwaQ2EwtG.xeuQR5fLuIo3myIL7M2eJ5IqGMXJWcU-1681929670-0-AeSqmvRjvLgJIXCLpsbU7Y2G/GhrDmLhed32wjEStet1f7+zhiKnI9PNY8hylDZRxnmPtXm7ZyZIasKNWPxc2fQ=
.pipedriveassets.com/ Name: __cf_bm
Value: 2iLKoUX9iuWC2q90Fjd2FW29qiA2rY.xvjHcoX9tNm8-1681929670-0-AfLYwq+2WBpvkDwLKU1VAlJcOjBY9P++135s+LEoQCPgLPLbQznRhQ4TAtbrz6MLD85oovQic+3mwuJjiWAu7TY=
offsec.blog/ Name: confection_uuid
Value: 02000203-1229-4504-bc0a-5759fd410c43
offsec.blog/ Name: poptin_user_ip
Value: 173.245.209.39
offsec.blog/ Name: poptin_user_country_code
Value: false
offsec.blog/ Name: poptin_o_v_70e1def543369
Value: 2c446c5c03767
offsec.blog/ Name: poptin_session_account_622052c23e74f
Value: true
offsec.blog/ Name: poptin_session
Value: true
offsec.blog/ Name: poptin_c_visitor
Value: true

2 Console Messages

Source Level URL
Text
other warning URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js(Line 1)
Message:
<link rel=preload> must have a valid `as` value
other warning URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js(Line 1)
Message:
<link rel=preload> must have a valid `as` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.popt.in
cdn.pdx-1.pipedriveassets.com
cdn.popt.in
cdn.us-east-1.pipedriveassets.com
cdnjs.cloudflare.com
d362h7pxdteoyk.cloudfront.net
d3lopmpcew67el.cloudfront.net
display.popt.in
fonts.googleapis.com
fonts.gstatic.com
fonts.popt.in
offsec.blog
tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws
webforms.pipedrive.com
www.google-analytics.com
www.googletagmanager.com
104.16.126.16
104.17.24.14
104.18.188.228
104.198.102.227
13.226.123.175
172.217.194.138
172.217.194.94
172.64.134.9
52.10.126.48
54.192.16.30
74.125.24.95
74.125.24.97
01a11cff49a32e9144967967900fd451df8c4825b31f1b4ebf3c69e992891116
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
041765141b29baaaa6d6b8d3d5ba11f9493d9ab500ed03c658100979bc467ee5
0a62812d8b6c54af19f96276edb7b51353ecc2946978b65d1c332e7f09cd6d90
12728c6bd9e9ad57b685bd51d96303b6ac08a4071613a19ed49120f74f1efcf6
1776a51e7a660c6111335862e263f82cb7c62c6bdeebfba694f4fbca37afd0e3
22f0594214c4c47b10f7895a3ac0e1f73faccbf22bf1f9279d25ce08169a275d
310f7d360d659a851c73aa97dcb6031bf45c659cc822b13e947683c5689619f2
380833de27ae130eb2f99b6cf44c809acb17014a836387fc3e842f91376c370e
45ba13a1dabf105c04d14ca4e2712ff1a451ce30caec8a08472a397cd3979ebe
4621432ba24fd2aebaa67282697dbd1248dd9aa8ec6b8b40c033932fba10de5a
4621c930c95d9ed81fe2f154f3333511735d0f6db5447013da622e0083eec1af
485ec5f79babe699112bdfd3d5dc3df6933043e709194efacbaa198d92ad29f8
4ab3250ee6fa4c39a4d0c6253c23c3926c147af1ce93cf947624fab19a1de818
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
52f8e951ff8d0ef447f9f7da1d5bcbba721d2a8498cfcc02e15a15114d5080f7
554df8cfcada2e6eea1bc43a678cf79b090c73c8e10a37a24aa65319557ed077
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
66ad0477248f341876ef604206881029f8fdf5db5e4714773116fd9e7feed655
70a60856e6083d017f93f6df73387ca59f5c97e1b2e0d4761c3a6c4f80ed15f5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e01e536b0a029328aec3536ad7ddea5e02751c30b8e47b312a094d363d5e878
832a4f3b8d7661994fd77a6bcc322e81e76a5e4a9de996cbc59da5f29e9bac6f
8503bb1f3969798a88dce37ee7f38979711dfd7495f5b8dafd66a19ff24e2d15
93c964e1bd5719c525c73073cf64f4c2b03dd6d4fa846d5bce3142596b3f1e97
96453ea6ee53a6316f0256568b682887d81e1324e3b3d4bff03c2f04f4657b1f
ab326900e21f10d902070c93ca7824fb7f14e0901179b86631421e6bc4aaf257
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b56276e510059308f76fd748c4c9a18e6cf1adc9046433559e551bc4fbd1b7cc
c13d111f83f3dcfbdf19aa05f44ca2a6f69e1f9c5e802251d5b0d6e9b32aaea7
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3b4dcd7d61b0e3f096e69ca4756b647d231353279dc4dc9bf6ea2fc9625c632
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cde3f2c9881c5a64bafceb547c61a1da10811e0706d1e3d77c4efb29fb057986
cf1ad2853b092223e88d08ef27b01ec40e5af7d6462e5bba6ca81607c6be78a1
cffafcd449b12a449e89b26dbf55fb41f6290ddad8eb232ffdeb24ff610b7861
d47d457a382f35012ee30078b7bb25d93aac910602de03c6276ab55d0f9a57fd
d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91
dc4a2ffe656287d3da5274bce2a83c5a13c3c3e2428fcecfccd1405862e18c01
e117f148d15b83bb927cc0ec0880a352a7186e41c648500070c498c42a9a4bfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0ac1ee2affd64c512967d22b9c2a48096ec98cbfe6bac9fa0cbcd01fa76a05
f42db766b5c0335c1517b64ddfb068da3f9c43a69a68bd64f81f71104305369b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f704a9af2f8efb3569d2c66e77c0b580ceb176d7c6a5d3bf0852f77177eaf9c0
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869