urlscan.io logo urlscan.io
SecurityTrails logo

blog.zsec.uk Open in urlscan Pro
172.67.139.154  Public Scan

Go To Rescan Add Verdict Report
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Submission: On September 18 via manual from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 2 countries across 20 domains to perform 99 HTTP transactions. The main IP is 172.67.139.154, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.zsec.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2021. Valid for: a year.
This is the only time blog.zsec.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 172.67.139.154 13335 (CLOUDFLAR...)
1 142.250.186.170 15169 (GOOGLE)
12 104.16.19.94 13335 (CLOUDFLAR...)
7 142.250.181.226 15169 (GOOGLE)
10 142.250.185.206 15169 (GOOGLE)
1 104.16.95.65 13335 (CLOUDFLAR...)
5 142.250.185.99 15169 (GOOGLE)
2 142.250.186.78 15169 (GOOGLE)
13 192.229.233.25 15133 (EDGECAST)
3 13.224.193.79 16509 (AMAZON-02)
1 2 104.16.123.175 13335 (CLOUDFLAR...)
3 142.250.185.130 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 142.251.5.154 15169 (GOOGLE)
3 142.250.185.68 15169 (GOOGLE)
1 142.250.186.134 15169 (GOOGLE)
1 142.250.185.225 15169 (GOOGLE)
1 142.250.186.118 15169 (GOOGLE)
2 142.250.186.99 15169 (GOOGLE)
1 104.244.42.72 13414 (TWITTER)
2 142.250.185.193 15169 (GOOGLE)
2 151.101.192.176 54113 (FASTLY)
1 35.165.21.246 16509 (AMAZON-02)
1 192.229.233.50 15133 (EDGECAST)
99 28
20    172.67.139.154 (United States)

ASN13335 (CLOUDFLARENET, US)
blog.zsec.uk
1    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
fonts.googleapis.com
12    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
10    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.youtube.com
1    104.16.95.65 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
2    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.google-analytics.com
13    192.229.233.25 (Los Angeles, United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    13.224.193.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-79.fra2.r.cloudfront.net
js.stripe.com
2    104.16.123.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
adservice.google.de
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
adservice.google.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
www.googletagservices.com
1    142.251.5.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f154.1e100.net
stats.g.doubleclick.net
3    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
static.doubleclick.net
1    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
yt3.ggpht.com
1    142.250.186.118 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f22.1e100.net
i.ytimg.com
2    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.gstatic.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
tpc.googlesyndication.com
2    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
1    35.165.21.246 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-21-246.us-west-2.compute.amazonaws.com
m.stripe.com
1    192.229.233.50 (Los Angeles, United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
Domain Requested by
20 blog.zsec.uk blog.zsec.uk
unpkg.com
static.cloudflareinsights.com
13 platform.twitter.com blog.zsec.uk
platform.twitter.com
12 cdnjs.cloudflare.com blog.zsec.uk
cdnjs.cloudflare.com
10 www.youtube.com blog.zsec.uk
www.youtube.com
7 pagead2.googlesyndication.com blog.zsec.uk
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 www.google.com blog.zsec.uk
www.youtube.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.youtube.com
3 js.stripe.com blog.zsec.uk
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 unpkg.com 1 redirects blog.zsec.uk
2 www.google-analytics.com blog.zsec.uk
www.google-analytics.com
1 cdn.syndication.twimg.com platform.twitter.com
1 m.stripe.com m.stripe.network
1 syndication.twitter.com platform.twitter.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 static.cloudflareinsights.com blog.zsec.uk
1 fonts.googleapis.com blog.zsec.uk
99 27

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-07-09 -
2021-11-03		 4 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2021-11-03		 4 months crt.sh

This page contains 11 frames:

Primary Page: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Frame ID: B04A86EA62801FC05D8D1DC6ED12A9C0
Requests: 59 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Frame ID: 449ECE9C8BA47AFA380AFE956AAD7086
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: 284E1EF87968BD69619C74CBA811066E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Frame ID: 9B8073E9D9DD3BA19274A528ECE9A988
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5360859507810376&output=html&adk=1812271804&adf=3025194257&lmt=1631934671&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631934671687&bpp=2&bdt=402&idt=78&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=691838561888&frm=20&pv=2&ga_vid=606024588.1631934672&ga_sid=1631934672&ga_hid=962390834&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2615838258392996&pem=166&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99
Frame ID: F64CF43498D2FEFF61D80E9DD6322655
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fblog.zsec.uk
Frame ID: 5846802B228CF6B6C093DADA56641CC3
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: 7C6A5F6492D69429660DB9741816DC56
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C16850C30A00D0DE3EA841465A250ACD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 37454E9C632D7B707A519C919B66FEF1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3E3E77ED69ADF400F9C7DA767567EDC
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Frame ID: 8B8AE48869C3DE44CBB1FBA664CC8CAE
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

99
Requests

99 %
HTTPS

0 %
IPv6

20
Domains

27
Subdomains

28
IPs

2
Countries

2534 kB
Transfer

7244 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://unpkg.com/@tryghost/portal@~1.4.0/umd/portal.min.js HTTP 302
  • https://unpkg.com/@tryghost/portal@1.4.7/umd/portal.min.js

99 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blog.zsec.uk/cve-2020-1350-honeypoc/ 		448 KB
291 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b32a7a0514c4e37e89dbe6510c6b5eae1d6f48b7767ad8e99bff88b8952bad57
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
blog.zsec.uk
:scheme
https
:path
/cve-2020-1350-honeypoc/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
cache-control
public, max-age=0
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cT%2BV3Qg1A6M9C7CmRlWJfCDFeo%2BIizrS5OUx7bXuVtvWK1mOI9dp747JA%2BVbjEm1rNH7Jz1PeTo7dSGLz11lt5ovJMGgaCGUuxg8V0MTCTuHgoCD55e9Hd1Vbgwl45E%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
690762ae1b1305f5-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
8xhY0UhfM9OufCAxmohRtXJqMKk.js
blog.zsec.uk/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/cdn-cgi/apps/head/8xhY0UhfM9OufCAxmohRtXJqMKk.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4f488d2d4b4fa9ca0668acbcaccddec56af46060aa2d37b556899fca6279391
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/apps/head/8xhY0UhfM9OufCAxmohRtXJqMKk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175020
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
00JPPVDFH0TBTCV1
x-amz-id-2
FqOVW8IJFlYphMhLdSsyY94dsxCNnpvWf1AxVxdAPqPfT3yRVpMP/GxmmuPrDvEZrS5ZtdRF4fg=
last-modified
Thu, 16 Sep 2021 02:08:06 GMT
server
cloudflare
etag
W/"2e6bfa673f122a9a429321b4e81cdc90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uD7Ksyuo5JeJ1g6Yx03fdMyWCDBMda54gnfcrw%2F1GTDLC1q4jdpvB%2Bqngbp5RVHYGII8hZ6MMmG8kKL0PLR9LWLy5rVpoYVClQ0C5OYwlVgcJx1KoqeT3pxME7nCA7s%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
TyzaptNIG6hJt1pTH7OVo348cYQaMcRh
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
690762afac3d05f5-FRA
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,300,600|Oswald:400,700|Montserrat:400,700
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
6df3eea50f5702832bc7352e96f4d1c4e19a671fcf41de861247c395373b8561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Sep 2021 03:11:11 GMT
server
ESF
date
Sat, 18 Sep 2021 03:11:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Sep 2021 03:11:11 GMT
extra.css
blog.zsec.uk/assets/built/css/ 		209 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/css/extra.css?v=1d49490996
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7a30764b5286423769de4a85297de6e43c957494f265cb38fb84328091bbc839
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/css/extra.css?v=1d49490996
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2158449
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"344be-1784ce5cc66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyh0mRRly62B7l%2BismIIkryz807jP%2BEXjyuVhJowr8M%2F9NroLj5I3Qna9YhxjgJFdr4zVpP%2BQPnw2j7s3KsZOZKxtmzgu6Nf7K9qj9%2B8xGr9Pt1FDW%2FLzSCsb5%2Fmj5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
690762afac3e05f5-FRA
cf-bgj
minify
extra-post.css
blog.zsec.uk/assets/built/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/css/extra-post.css?v=1d49490996
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dca7d5de8bf2c12c1c173aa6d795b1b39017e0f7f9625b9ca75a121866bcc560
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/css/extra-post.css?v=1d49490996
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4886409
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"ced-1784ce5cc66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCbOtsP6rR%2FYUdDwzj%2FlnlI3mdm2x99reZlxIm43JseqwQ%2BwhqsADsUgeWiaOv3KAr53c2UXCl%2BFycNL6331JDRPjpfjL1yR2vGiOFcYW1Jzo4uT%2F4%2B5xWBBoWKIRXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=3309
cf-ray
690762afac3f05f5-FRA
cf-bgj
minify
style.css
blog.zsec.uk/assets/built/css/ 		52 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/css/style.css?v=1d49490996
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d72c687f5bc9266ab50f49198cc547413dcd0bddf04588b1e5e1b923e67c67ff
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/css/style.css?v=1d49490996
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2158449
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"d1ad-1784ce5cc62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pXyiz%2BGeV23HESDC68IrYoQv4qfRs8CRRn1xasGV5%2B0YBMvkf3kcbxuQHRbhiH3zrVQAXn4RI0n%2FZPq6Em0ABUJZKmL2n1B3SGYLnTvXNU%2FJopj66ANmrUhh%2FDPvAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=53677
cf-ray
690762afac4005f5-FRA
cf-bgj
minify
tocbot.css
cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.2/ 		565 B
555 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.2/tocbot.css
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
155673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
228
timing-allow-origin
*
last-modified
Sun, 07 Jun 2020 21:41:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5edd5f21-235"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRD5SZEMOrtRVHincz3IySH%2FLeeCr2pvZeeUczYOEDWdhOdkybJ%2B28Dz8E7AXHlYG8yFEwW07hKv8HhUpEHutD9ODp%2FkagpA8F4UJNTzaD55%2BgoOwY6i1vIwj4QP1dutqqcXIUag"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762afe930278c-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
prism-tomorrow.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/themes/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/themes/prism-tomorrow.min.css
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b15fe2971998a048aebb60f26f6eed76122071db9ef3b995abd003224f52a98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12771813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
471
cf-request-id
099f399b000000278c5e048000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a6-521"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tkoh0EhCf61jw7T%2F1DYFqblEQ65WWKcXsg4jCn2nLFp%2BTk5Xn0MTDLyHhu8tvq6Ra%2FbN0zZ9XohjG50dD4SWXUmbDFYolCTGEPk74aT%2BZ%2BcT5ub%2Fa675BKim88bgrSGBVbvtCC1l"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762afe931278c-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
prism-toolbar.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/toolbar/ 		1 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/toolbar/prism-toolbar.min.css
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a9aa4e00309bcc6c2d95ae3a5a7f3e680dc8da36c3feff01f23d1ba5b0e471
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11551896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
289
cf-request-id
09e7f011b40000412024367000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a4-407"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0c%2FtxCuCe7zfrie%2BzuooRwgxTc29OQmjSH3GNV0mwOjaYPR5O7xML0lTZXneVVQKRzGsnH4diHj3SJpEoLhlMmB14l8BxjL%2BRHe%2FSSzpfTKtemUQ8fZdDbfcUC3U2r%2Bqe9GSbX9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762afe933278c-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
prism-line-numbers.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/line-numbers/ 		609 B
529 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/line-numbers/prism-line-numbers.min.css
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0244e08ecf5ea74636a7bb1320864cd9cc239d9b02d7c45a823025bb5c6fe50
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
542724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
201
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:55 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a3-261"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUoVvBV0RaBxELbtILqLiB5xBb6lvqJ6pj2sxTILc%2FwUNGGs4aqkZmylCFL0%2F3Km1By5ou9e678VXeWuptALt%2BPIgowMfdmLqPo4%2Bp%2F6LzPZWLaqsLYbPq7G0FL2P3PruWi9eJ98"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762afe932278c-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
BannerPublish-1.png
blog.zsec.uk/content/images/2017/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.zsec.uk/content/images/2017/10/BannerPublish-1.png
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c02fc68565112773536bdc781f6ec47a0bca8c0d41a3282da31bf28419aaac98
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/content/images/2017/10/BannerPublish-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2140756
x-powered-by
Express
vary
Accept-Encoding
content-length
1637
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Oct 2017 19:38:05 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"665-15f26b17738"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kq1IWoF8LEwKefviTtb72dhnMmNmVDKeF0XCVvz6k0iG4gbKlfdev06Ko2vl26QXATcgn2trB%2F1eokYee6MFYRXJcFjviKiYvHKceGyCU6MqV0lCDcW8y7qv4c34yqA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
690762afdff36933-FRA
xlONkAzIKdwrSMgWvpZ_ECkMjoQ.js
blog.zsec.uk/cdn-cgi/apps/body/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/cdn-cgi/apps/body/xlONkAzIKdwrSMgWvpZ_ECkMjoQ.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cdn-cgi/apps/head/8xhY0UhfM9OufCAxmohRtXJqMKk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bcb84674284a11fce9d961c76916f2b6da1dc14bcda6bbe21860dcd42425135
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/apps/body/xlONkAzIKdwrSMgWvpZ_ECkMjoQ.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186118
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TNGBQ7Z2DX3651S8
x-amz-id-2
nhOBq8d+S4RQ6f84Bvb7pJrHlV1BPdDFpsagKvQxdreiJpKxmUBOjT6OfM3dqQZ2wYhyLOJNn+U=
last-modified
Wed, 15 Sep 2021 23:23:38 GMT
server
cloudflare
etag
W/"ed2c4d93990b58a5a36de23e7b5b77d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9XjGkxXpsxlQ8W5w%2Fj8aqy0l1MP3zjI7DvxIn6fG%2BskrJwo6ZPPoh0DoctaAoCP24Iph059BMw%2FjKTENrTyeZFbDHuvvneRkWMGb%2FPspOAglL3WTX1xpVdhZRxbbIk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
9QI.o1r0Yg7TgoFL.eP9FkJKVsTqefC7
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
690762afdff46933-FRA
truncated
/ 		298 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4489e89ae040fc7c1b4d6ec71d92638326dd36b0d3ca5e28900cbbf559acc73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
extra.js
blog.zsec.uk/assets/built/js/ 		213 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/js/extra.js?v=1d49490996
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
044edff8b3adbc435bf7e3de587d68fc195df36b2f067feb6daca1b0bd2431a8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/js/extra.js?v=1d49490996
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2158449
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"3548f-1784ce5cc5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Rh5HiZeTSG01ygcqB%2FKIgD%2Fhb6mbGFegh%2Fn2F1Ug%2Fi8UIY9Iv4oTfk2MVgCyhzghi%2Fzb5bZwJ%2BiPT5ks%2BuXvk1OTarTyWMVswFu701mi19J%2BqnEG1NwrpXBnt0auj4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=218255
cf-ray
690762b0081e6933-FRA
cf-bgj
minify
extra-post.js
blog.zsec.uk/assets/built/js/ 		331 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/js/extra-post.js?v=1d49490996
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1a661b4acb4f78106d9249b9b0b2f361101487e09581415d583568a4a3ce1946
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/js/extra-post.js?v=1d49490996
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9058145
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"52c1b-1784ce5cc62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDDxHlflJV%2FDNyARzmVjKAF3J2RJetUlqi%2B0Ru5fDDYzCmHGxt6vTGwS8slqY5gCzTO8x%2B%2B3BpaTX%2BQuGrXjYl17PcwBxlNn%2BCb%2BgySzejMk62nJcR9IDNSVujElXmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=338971
cf-ray
690762b008206933-FRA
cf-bgj
minify
main.js
blog.zsec.uk/assets/built/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/js/main.js?v=1d49490996
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
796c043363b34ed6558401863d5a6f62f75b958c4d16b03392b839d1db517922
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/js/main.js?v=1d49490996
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
793795
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"cd3-1784ce5cc5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7Fan4iYeYp1UAdRSC3uEZeQA1cTn6nMBf5ZMss6Imh444bo7p9CA2B%2FynTcTfeEvO9dakex%2BmX%2F9bS%2FWYibwI%2B2kgY3i41msFSb%2BC6sH4PHT7bkc1WEEw55DFMkOEw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=3283
cf-ray
690762b008236933-FRA
cf-bgj
minify
tocbot.min.js
cdnjs.cloudflare.com/ajax/libs/tocbot/4.12.2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.12.2/tocbot.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23028739cb79ca98b9f6f2edf55051f7315eefbc864f46768ae50fb2e374486a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
217247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3215
timing-allow-origin
*
last-modified
Sat, 16 Jan 2021 03:24:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60025c79-2c6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5Mc61UK5smrow0OQ4KB3XQrYw%2BFBqkLso3HA%2FUxsN9cv%2BgxWyHJLiNxaj%2Bo1L%2BAxTQSsyDgkvuh%2BZASSg1hZptu34q4UWQ%2Br7KOqqy53dhoj5wHi2pNuAQhOolMuFuEJQ5on8hu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762b0298a2794-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
tocbot.css
cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/ 		565 B
972 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/tocbot.css
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
968682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
228
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fff-235"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvnAfwxzkRVp1IowUacG9e2IabeSGgm5MvQtbosdiKkCm2C4DOxdlW5oeo5S1vQAWP5ka%2BKMabFamHukhQaJ0CWy4nKTj29DkUQ%2BmqvQP%2FPqkepDfUNguwZy1L3FFEsb%2BwO2VawT"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762b03d9e2790-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
prism.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/prism.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2f7534931488bb7af4dd1c1f577aae2f473bbdd85690dc6abfb08f09385158
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7867109
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5720
cf-request-id
0ac39171f60000413255ac9000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a5-414a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcDUs5YVIriQsIib3%2Bgo%2FmJy4XLUeV5DXbOfTKOgwcdGPdUu7Sxqx08qIg83pA2eb%2BFoWSD6nrqWX4FK1T2UOTb9LSNY2Qu8rxbss2V1r50kfPvbcLP5Fsa6%2B5ib8bzhrRyLMTF%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762b0298d2794-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
prism-autoloader.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/autoloader/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/autoloader/prism-autoloader.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df7430d25377aa8eed2d92f873bbc32c26a9454b3e80db5045a5483879383abb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1499936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1927
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:54 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a2-13c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U37YR7O5zTNKvWlNxTE%2FN91kmPHdedrTlhT491GrjlkzKa%2FsX1NELBv6WnwK4rXrW5cpvoYgjIzXzezMj9J2bjQLsJNelHh92SJzTLUac2YPQ65%2BiSJgeG5bnet7rUIj0Ovr6Hzm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762b0298e2794-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
prism-toolbar.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/toolbar/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/toolbar/prism-toolbar.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8fc875b3ccd7b41d8ea44dc295588f8883180430ed9147cbd452494d72bcb1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7953657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
601
cf-request-id
0abe68d532000041379815f000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:54 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a2-6d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOFKJ%2FPBB4Ej8%2Bj5H6dIKO97u%2FUkGQ9VoKm%2FGZ0tlKxMVxzWjXaSSXVNnfvZ7D%2BxVarDbdVvyxnBKqqAoDLjMcbs%2Fg781y7eLPVCKxpUPGA8uBqRQPiIKD52vF6yh8CzGmxyhlFH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762b0298b2794-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
prism-copy-to-clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/copy-to-clipboard/ 		977 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/copy-to-clipboard/prism-copy-to-clipboard.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daba7813f24af897ca353ee89f5965dcfd3190fc685deac73c94a2c3c793da96
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
716920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
427
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:54 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a2-3d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvnSlBc8ACU01fx4b6QubsPsqVdZcXjY4V%2BT1PjJFIAYBFxGjzOVb1i%2BExvK8jMvbVvHQV%2F%2Bci86SiGqaO9ldiY8hK8NZnKLUKzu0qbhuhFGCmpmb3o9Otdsf7j7DscELPNv3CUS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762b0298c2794-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
prism-line-numbers.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/line-numbers/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/line-numbers/prism-line-numbers.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d648907a22eb30d672c1f88ab0934769f53da34a7e5b4732d72421355663885
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1510643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
938
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:54 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a2-a1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2g7I0ZpjvVAON%2BgBN6ofrmqMlOiBmpBRx9Hzz6PcFhhtB1FlyUEkIXRPnDS5B2j0Gn6pm41WvSqLU0SEgRhPnJQmFBGlTJO2oJRcCKcNBSCTeUwUntBITnf4Y%2FUX8npY7mlp%2Bn%2Bn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762b0298f2794-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5360859507810376
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
18cbb9f1e279a3f921dd8cb81817f3abd37e24f3f153f1ad07692da548dda2b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49006
x-xss-protection
0
server
cafe
etag
16004008392987470511
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Sep 2021 03:11:11 GMT
dQw4w9WgXcQ
www.youtube.com/embed/ Frame 449E 		56 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/dQw4w9WgXcQ?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 18 Sep 2021 03:11:11 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=YkEYpHzpo6U; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=2Yi_dprRIq8; Domain=.youtube.com; Expires=Thu, 17-Mar-2022 03:11:11 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rocket-loader.min.js
blog.zsec.uk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Fri, 17 Sep 2021 09:29:40 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"61446004-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3pbYp1OkQfdDQ%2BcedLuG5fGMu84ZYR1vcKwQUdOIxpvFeCdmlLFEtITWxWAtqMLAqxA4BJhOr%2FZKmCJbWPjoqhyWzcfkzVd7vLh4LGaeDvGPWw8Qd8CSBMz19zXlaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
690762b0182b6933-FRA
expires
Mon, 20 Sep 2021 03:11:11 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 15:43:35 GMT
server
cloudflare
etag
W/2021.8.2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
690762b05d2c27a0-PRG
fa-solid-900.woff2
blog.zsec.uk/assets/built/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/webfonts/fa-solid-900.woff2
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/assets/built/css/extra.css?v=1d49490996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/webfonts/fa-solid-900.woff2
pragma
no-cache
origin
https://blog.zsec.uk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/assets/built/css/extra.css?v=1d49490996
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/assets/built/css/extra.css?v=1d49490996
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2158449
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
75440
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"126b0-1784ce5cc4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QZ%2F5IpaRtZP7Ee1SR8t0LUTFd7DcPK4Go0sjXUgtr1TSVqy8JZZowTVIjYjjLD3aL4PPhxnQOuvmn4PX0l0PtPyCLRvCfmrNR77WPsR%2BL%2BcysRUitlXtS2WwPAdTs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://blog.zsec.uk
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
690762b028496933-FRA
fa-regular-400.woff2
blog.zsec.uk/assets/built/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/webfonts/fa-regular-400.woff2
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/assets/built/css/extra.css?v=1d49490996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/webfonts/fa-regular-400.woff2
pragma
no-cache
origin
https://blog.zsec.uk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/assets/built/css/extra.css?v=1d49490996
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/assets/built/css/extra.css?v=1d49490996
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9507143
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13580
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"350c-1784ce5cc52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fX2CvPFi08m%2BJnMCr58yFWu5UpE8cJjsqwO%2FZH4n3ceXMwNHQ8feIqlrRpJtvWdlJL6uJWqCsLGhhU3i1UtEVvIZv4b1gEsm3Du3XwfaInMNdwwAxdQw6Wa4McbZJNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://blog.zsec.uk
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
690762b0284a6933-FRA
fa-brands-400.woff2
blog.zsec.uk/assets/built/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/webfonts/fa-brands-400.woff2
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/assets/built/css/extra.css?v=1d49490996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/webfonts/fa-brands-400.woff2
pragma
no-cache
origin
https://blog.zsec.uk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/assets/built/css/extra.css?v=1d49490996
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/assets/built/css/extra.css?v=1d49490996
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9507142
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74508
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"1230c-1784ce5cc56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3ZFDVZGCeD2CNQ01KGb6T9AB553ztRcTCbAuNHApenNFdnNU8P5KaIM%2FtO3VTl1bq29%2BMcMR9GBqMEjyun%2FOtv3r8IsP38TL0QtM4ABdJofUnamcK1rTF3vxC4bpvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://blog.zsec.uk
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
690762b0284b6933-FRA
truncated
/ 		8 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d5d9b6b469780ffcd3a780def54a65e3f59f6ae684142855bf7d269398961c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v40/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,600|Oswald:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:47:28 GMT
x-content-type-options
nosniff
age
426223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:47 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:47:28 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,600|Oswald:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:18:36 GMT
x-content-type-options
nosniff
age
222755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 13:18:36 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,600|Oswald:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:17:51 GMT
x-content-type-options
nosniff
age
341600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:17:51 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,600|Oswald:400,700|Montserrat:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 22:28:30 GMT
x-content-type-options
nosniff
age
189761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 22:28:30 GMT
image-26.png
blog.zsec.uk/content/images/size/w1000/2020/07/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.zsec.uk/content/images/size/w1000/2020/07/image-26.png
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
57b03761fa62bc47729e45de0d85d2597691a68cfbf3c306038dfe93365d7f0d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/content/images/size/w1000/2020/07/image-26.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262281
x-powered-by
Express
vary
Accept-Encoding
content-length
68825
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 18 Jul 2020 10:22:41 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"10cd9-17361728243"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tqdBayPUy08IudRd7Bq4du5KHDJect6W2bzO2uVQfZ%2BAkJCPimSaBtIRZ2ACB9%2BzTreqHOD2SvRt4c2wqK4I5mp0qUc%2FbK838NbOvgK70GCpq7fQxI%2BK7cIXZ2UeUo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
690762b088ca6933-FRA
image-46.png
blog.zsec.uk/content/images/2020/07/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.zsec.uk/content/images/2020/07/image-46.png
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0af8def86e50f37bcd9042ae5bc274bb19417df6f41636317b2945f15543cf11
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/content/images/2020/07/image-46.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
vary
Accept-Encoding
content-length
49528
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 19 Jul 2020 23:52:35 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"c178-173697e5bcd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuwEuu%2BR3ORnrvzHwzVrw%2Brq1gZXmtyhZRkVtegpgl3j1U9%2FJOoiIi%2Blce1otuEPgX2n6P8T2IYawFO9mPgeM2xjEzlsmzIkYpItLhebjePKJJFI5mFzHp3dcmgXV58%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
690762b088cc6933-FRA
image-47.png
blog.zsec.uk/content/images/2020/07/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.zsec.uk/content/images/2020/07/image-47.png
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9bc018da8df1b9da37b998f4eab3857d0784a7528c231891cdc400e7b045ddb4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/content/images/2020/07/image-47.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
407877
x-powered-by
Express
vary
Accept-Encoding
content-length
16260
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 19 Jul 2020 23:52:51 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"3f84-173697e9911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4dQ2h5nj%2FDbcspcnHm2nXk%2B9XdjGIsOUm3UeMktI085yAzISUjxDobn71Lmehc7eHE56EnlQ%2BKFTvBQ5jEpuWDLxq0RVZLW9yt7hPLv9QmUQeleLps9KecBZpsDHpo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
690762b088cd6933-FRA
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1151
date
Sat, 18 Sep 2021 02:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 18 Sep 2021 04:52:00 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/copy-to-clipboard/prism-copy-to-clipboard.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1172652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2905
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-29a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc25VI51%2FsUVOjbu5q65HO9hNBWEhzgEnaFRLqKhnN%2FFnS0phM5lnQriajZYQBNZnYcAcBf2dmLbd3wzSdeE6PxG1XaAFfnXX9HThlaOO9pCCdFsdKSYzYcUXeBMWiKfz4wmD6d2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690762b1be422790-PRG
expires
Thu, 08 Sep 2022 03:11:11 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/6762)
Age
1040
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
/
js.stripe.com/v3/ 		252 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b9862c91e2742469cc312245e954ac34453a0b987b0bf08751708cb2994d3f2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:07 GMT
content-encoding
gzip
vary
Accept-Encoding
age
5
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
4JG0HX5KQMMM4R1W
x-amz-id-2
tsppwBF/RbwQ9NwGIuor4gVSBAZQrXdN/ldi0u7QTMe0wuA2kCG5yRFa3VvMg/s73af23LHkUEs=
last-modified
Fri, 17 Sep 2021 22:34:00 GMT
server
AmazonS3
etag
W/"6fb68e6561c400eafa63f7b66571b087"
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
09lqVzdFtBOL5OUtlkLaQBVjVsW21Vv0FbweNp4pTkxWOH8FwdAngA==
portal.min.js
unpkg.com/@tryghost/portal@1.4.7/umd/
Redirect Chain
  • https://unpkg.com/@tryghost/portal@~1.4.0/umd/portal.min.js
  • https://unpkg.com/@tryghost/portal@1.4.7/umd/portal.min.js
323 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@tryghost/portal@1.4.7/umd/portal.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb203da91b3fee59f83138992e73681d4c74baa97fbabe103a81185edcb105f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
9396017
fly-request-id
01F73DE09SD8RWNST4D6MCMF72
content-encoding
br
vary
Accept-Encoding
last-modified
Tue, 01 Jun 2021 09:07:26 GMT
server
cloudflare
etag
W/"50aae-Brn8Q0FAczlj/lNbFW0j4tH+IuE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
690762b25f8d4138-PRG

Redirect headers

date
Sat, 18 Sep 2021 03:11:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01FFVE5TSZNME0VTKQACBZ6G84
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/@tryghost/portal@1.4.7/umd/portal.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
690762b1ef4e4138-PRG
truncated
/ 		928 B
928 B 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c1e9899ade0fb1704299ad5e021e55601a11e37669f77fa395be0817b1c795f

Request headers

Referer
Origin
https://blog.zsec.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 		253 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5360859507810376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
0e932077700b08707120f8b3243472af89cb67c44f3cd2e9b073be8f3939dd69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95713
x-xss-protection
0
server
cafe
etag
14022606753207139456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Sep 2021 03:11:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame 284E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5360859507810376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210915/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 17 Sep 2021 12:36:30 GMT
expires
Fri, 01 Oct 2021 12:36:30 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
52481
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dQw4w9WgXcQ
www.youtube.com/embed/ Frame 9B80 		56 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/assets/built/js/extra.js?v=1d49490996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
6bd3914bbbab0d69e9057b0d1857fb30e65b52bd12221d2d55dff05a0b522cd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/dQw4w9WgXcQ?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
accept-encoding
gzip, deflate, br
cookie
YSC=YkEYpHzpo6U; VISITOR_INFO1_LIVE=2Yi_dprRIq8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 18 Sep 2021 03:11:11 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=962390834&t=pageview&_s=1&dl=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&ul=en-us&de=UTF-8&dt=HoneyPoC%3A%20The%20fallout%20data%20after%20I%20trolled%20the%20Internet...%20%7C%20ZeroSec%20-%20Adventures%20In%20Information%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2052890270&gjid=758570460&cid=606024588.1631934672&tid=UA-81202681-1&_gid=73659574.1631934672&_r=1&_slc=1&z=1407987055
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Sep 2021 03:11:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.zsec.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		197 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=blog.zsec.uk&callback=_gfp_s_&client=ca-pub-5360859507810376
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bfae4355233e8bd2b027dfbe86753711ce42c666271782b8115e2b9bab4e0a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&tn=CLOUDFLARE-APP&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Sep 2021 03:11:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=blog.zsec.uk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=blog.zsec.uk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F64C 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5360859507810376&output=html&adk=1812271804&adf=3025194257&lmt=1631934671&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631934671687&bpp=2&bdt=402&idt=78&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=691838561888&frm=20&pv=2&ga_vid=606024588.1631934672&ga_sid=1631934672&ga_hid=962390834&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2615838258392996&pem=166&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5360859507810376&output=html&adk=1812271804&adf=3025194257&lmt=1631934671&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631934671687&bpp=2&bdt=402&idt=78&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=691838561888&frm=20&pv=2&ga_vid=606024588.1631934672&ga_sid=1631934672&ga_hid=962390834&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2615838258392996&pem=166&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 18 Sep 2021 03:11:11 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 18-Sep-2021 03:26:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1631879122047051"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 18 Sep 2021 03:11:11 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-81202681-1&cid=606024588.1631934672&jid=2052890270&gjid=758570460&_gid=73659574.1631934672&_u=IEBAAEAAAAAAAC~&z=1525059354
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 18 Sep 2021 03:11:11 GMT
content-type
text/plain
access-control-allow-origin
https://blog.zsec.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-81202681-1&cid=606024588.1631934672&jid=2052890270&_u=IEBAAEAAAAAAAC~&z=560978093
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cve-2020-1350-honeypoc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Sep 2021 03:11:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player-webp.css
www.youtube.com/s/player/d7a19ed1/ Frame 9B80 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 01:42:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
5301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46352
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 18 Sep 2022 01:42:50 GMT
www-embed-player.js
www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/ Frame 9B80 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
101222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67291
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Sep 2022 23:04:09 GMT
base.js
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 9B80 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
101088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
516948
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Sep 2022 23:06:23 GMT
fetch-polyfill.js
www.youtube.com/s/player/d7a19ed1/fetch-polyfill.vflset/ Frame 9B80 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 13:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
48248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 17 Sep 2022 13:47:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B80 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 09:07:47 GMT
x-content-type-options
nosniff
age
324204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 09:07:47 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 9B80 		113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
b5b7d050767fda9c2d6bc93f2c6a7a386dcdda6573694dad9ee21e0545d64b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 9B80 		29 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 02:57:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
794
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sat, 18 Sep 2021 03:12:58 GMT
remote.js
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 9B80 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
101089
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29920
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Sep 2022 23:06:23 GMT
yw_eCSGMjhPjDv0AeozivP1osuGalgpkOu_Nl1-Qc2c.js
www.google.com/js/th/ Frame 9B80 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/yw_eCSGMjhPjDv0AeozivP1osuGalgpkOu_Nl1-Qc2c.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
sffe /
Resource Hash
cb0fde09218c8e13e30efd007a8ce2bcfd68b2e19a960a643aefcd975f907367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 16:15:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
39324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13377
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 13:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 17 Sep 2022 16:15:48 GMT
embed.js
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 9B80 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
100503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7340
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:16:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Sep 2022 23:16:09 GMT
truncated
/ Frame 9B80 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
Si7ZhtmpX84wj6MoJYLs8kwALw2Hm53wzbrPamoU-z3qvCKs2X3zPNYKMSJEvPDLUHzbvTfLcg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 9B80 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/Si7ZhtmpX84wj6MoJYLs8kwALw2Hm53wzbrPamoU-z3qvCKs2X3zPNYKMSJEvPDLUHzbvTfLcg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
f5705be943f978fb4fc651b3a38163760e3ac92117e4f7b752b7bf1c68ebe188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 23:47:28 GMT
x-content-type-options
nosniff
age
12224
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1983
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 06 Sep 2021 18:02:57 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/dQw4w9WgXcQ/ Frame 9B80 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/dQw4w9WgXcQ/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f22.1e100.net
Software
sffe /
Resource Hash
f27791bfdf1ed2b810f77a1cdd427034fc23cd5d12517c729de3e446dcc77c4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:07:40 GMT
x-content-type-options
nosniff
age
212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30034
x-xss-protection
0
server
sffe
etag
"1631784323"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 18 Sep 2021 03:12:40 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9B80 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview"
expires
Sat, 18 Sep 2021 03:11:12 GMT
generate_204
www.youtube.com/ Frame 9B80 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?GYXh7A
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/92/ Frame 9B80 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/92/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 06:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15330
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 15:08:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 18 Sep 2021 06:39:58 GMT
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 5846 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fblog.zsec.uk
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
364297
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Sep 2021 03:11:12 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
/
blog.zsec.uk/members/api/site/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/members/api/site/
Requested by
Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.4.0/umd/portal.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
50920d8441a24f9ef9420f3b3fafc9cf5ce7283c8150c2548e607c49e9ed0c48
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_ga=GA1.2.606024588.1631934672; _gid=GA1.2.73659574.1631934672; _gat=1; __gads=ID=0cbae6c71214e69f-224e104937c900e8:T=1631934671:RT=1631934671:S=ALNI_Mal_ouYN0cuA3fU-iTEpbFy1xd-lg
:path
/members/api/site/
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 18 Sep 2021 03:11:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
cloudflare
x-frame-options
DENY
etag
W/"663-U071HD8VlVzGuwQSwdz+SHCpOmw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tz7Ql075PlRPOU0JKhV3da%2B7YEy%2BK2ZvIOJCBwAmaI3oR9JHswQCP9Bx95d2lAKqlGoKna3Tg30imEt4I%2F3DWC%2Bsp8T0fULXONdaDLtDG2oBb6LBK%2F4QnyQ9ZmV0tdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cf-ray
690762b59e356933-FRA
/
blog.zsec.uk/members/api/member/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/members/api/member/
Requested by
Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.4.0/umd/portal.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/members/api/member/
pragma
no-cache
cookie
_ga=GA1.2.606024588.1631934672; _gid=GA1.2.73659574.1631934672; _gat=1; __gads=ID=0cbae6c71214e69f-224e104937c900e8:T=1631934671:RT=1631934671:S=ALNI_Mal_ouYN0cuA3fU-iTEpbFy1xd-lg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:12 GMT
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6LvoQr614SZmHM3hlls%2BWv%2BoYt59ARYtRZZBU3Wob%2FDM1GlpgQmXwWddp1OwNIBXcHZsKmZWt0S5HuSt6I5cOAncyZV8b58OU1il2Ekt3MD%2FQrxv2GjTgU3nJiJH1k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
690762b59e366933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
m-outer-9475bd26486e6119b23924eebd3d561a.html
js.stripe.com/v3/ Frame 7C6A 		215 B
944 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/

Response headers

content-type
text/html; charset=utf-8
content-length
215
x-amz-id-2
ay5jsEeYCN8RcAW+FwYUFPua0k+16nIu5J9BU9uUET7rPTLAbOrPtWl1vV81u6k/tjK4Zftdo2k=
x-amz-request-id
RTENWWX1V93NB3PE
last-modified
Wed, 01 Sep 2021 21:34:43 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date
Sat, 18 Sep 2021 03:10:14 GMT
cache-control
max-age=60
etag
"9475bd26486e6119b23924eebd3d561a"
x-cache
Hit from cloudfront
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ZmddP6h27dgwgRj3v0voY6L4O4ZXRbI1J02SxHPxtsrsSLTa9lufBw==
age
59
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
5d4d97b1aa88aa1c1fd9747a77f8438ee1f788d91e27dcd3b77ec07ddfbb49c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Sep 2021 03:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8565
x-xss-protection
0
rum
blog.zsec.uk/cdn-cgi/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://blog.zsec.uk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_ga=GA1.2.606024588.1631934672; _gid=GA1.2.73659574.1631934672; _gat=1; __gads=ID=0cbae6c71214e69f-224e104937c900e8:T=1631934671:RT=1631934671:S=ALNI_Mal_ouYN0cuA3fU-iTEpbFy1xd-lg
content-length
1385
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

date
Sat, 18 Sep 2021 03:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://blog.zsec.uk
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
690762b5be536933-FRA
vary
Origin
settings
syndication.twitter.com/ Frame 5846 		232 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=47c32cd6c3225c83a4064fe9cd6692d653bd59dd
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fblog.zsec.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:12 GMT
content-encoding
gzip
last-modified
Sat, 18 Sep 2021 03:11:12 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
307bf6c8dbf22c901c3bbce5c6073b6c4cef1652aba9c29d716fe4d14111a3dd
content-length
166
m-outer-f045e3b6b64aa0e635a6cabefc84daae.js
js.stripe.com/v3/fingerprinted/js/ Frame 7C6A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:10:37 GMT
content-encoding
gzip
vary
Accept-Encoding
age
36
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
WBVZPD7CJRCAKK5E
x-amz-id-2
elBqWZ1OekxhHF6V6SM4Fwix2936cpmUDbBaCvbCa43kvY2KcgttJ/fxQ9btOrDSRiYwXBXe88Y=
last-modified
Wed, 01 Sep 2021 21:34:46 GMT
server
AmazonS3
etag
W/"01f873d478053c6a0368329ea08f7a10"
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
67EstZwfQjEoWgC1d8MahaM6YoH3BjwgsFKUpKVKZbtezx26W7vqRQ==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 03:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 18 Sep 2021 03:11:12 GMT
inner.html
m.stripe.network/ Frame C168 		932 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

server
nginx
content-type
text/html; charset=utf-8
last-modified
Thu, 16 Sep 2021 08:41:34 GMT
etag
W/"6143033e-3a4"
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
public, max-age=300
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Sat, 18 Sep 2021 03:11:12 GMT
age
21
x-served-by
cache-sea4447-SEA, cache-fra19132-FRA
x-cache
HIT, HIT
x-cache-hits
3, 10
x-timer
S1631934672.372806,VS0,VE0
vary
Accept-Encoding
content-length
537
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3745 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 17 Sep 2021 16:46:43 GMT
expires
Sat, 17 Sep 2022 16:46:43 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
37469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A3E3 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
551602f7d417393dee7ab3c9ff79ca9a5947fa492387993a756295f0ad5c9bb8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-maMtlb74OchU1X7ginybcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 18 Sep 2021 03:11:12 GMT
date
Sat, 18 Sep 2021 03:11:12 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-maMtlb74OchU1X7ginybcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
out-4.5.40.js
m.stripe.network/ Frame C168 		85 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.40.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"6143033e-154bc"
age
250
x-cache
HIT, HIT
content-length
18452
x-served-by
cache-sea4424-SEA, cache-fra19132-FRA
last-modified
Thu, 16 Sep 2021 08:41:34 GMT
server
nginx
x-timer
S1631934672.394776,VS0,VE0
date
Sat, 18 Sep 2021 03:11:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 91
sodar
pagead2.googlesyndication.com/pagead/ Frame A3E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=2615838258392996&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
6
m.stripe.com/ Frame C168 		156 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.21.246 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-21-246.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d89bc43ee1ea0f5484a5e28c3c3c5839c07355fc69be8d4a7b5d3f28baab9301
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Sep 2021 03:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
horizon_tweet.0c307910a3b82b535f15af7aa5102a10.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.0c307910a3b82b535f15af7aa5102a10.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
bfe1c96d2b61be1e17839f9e3d734ba10701c7be4a38faff1a63f4aedc3d31de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:33:39 GMT
Server
ECS (frb/67D3)
Age
364298
Etag
"4985a73adee036c4a8fe64d49af6033a+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2443
YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
pagead2.googlesyndication.com/bg/ Frame 3745 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 15:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
41338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13243
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 17 Sep 2022 15:42:14 GMT
Tweet.html
platform.twitter.com/embed/ Frame 8B8A 		487 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
fb945ebbec373fc6874ae979c49ef1e5ceb036f999f57f2c62f23470d0106d50

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1128
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Sep 2021 03:11:12 GMT
Etag
"24156a179a1bb41c7fa158bccbd4ba1c"
Last-Modified
Mon, 13 Sep 2021 21:58:35 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
embed.runtime.46cb517d8fc1d7c7990f.js
platform.twitter.com/embed/ Frame 8B8A 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.46cb517d8fc1d7c7990f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
68cb22eeada6da0107da7828b0de8db34f6eceb449fbb079d719c146164ab947

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 21:58:29 GMT
Server
ECS (frb/6796)
Age
364297
Etag
"86f82fbda1a280a9369cd2fb430d6e67+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3550
embed.modules.3b04bfe3371598999823.js
platform.twitter.com/embed/ Frame 8B8A 		513 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.3b04bfe3371598999823.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
ee1d853a3f0f6ec8655c56c1ef060709131a77ed1a1896fb1c7327433417be24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 21:58:34 GMT
Server
ECS (frb/67A7)
Age
364297
Etag
"dab78d98532bdc1925b3a9fbbc2b6103+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
164769
embed.i18n.28f6d473b087998f7917.js
platform.twitter.com/embed/ Frame 8B8A 		146 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.28f6d473b087998f7917.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
ef463dc4400b77b295460ed661ef77b24e420b82b5d5c613f6afa23de1cba444

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:12 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Mon, 13 Sep 2021 21:58:29 GMT
Server
ECS (frb/67AA)
Age
364297
Etag
"91e77079d645084eb1a5e19814e64f61"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.1196d8a9c495b27853db.js
platform.twitter.com/embed/ Frame 8B8A 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.1196d8a9c495b27853db.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
f8b409782883bf59fbbb55c76fdb402591441eb13b42264a57efa65a5a4158ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 21:58:29 GMT
Server
ECS (frb/6796)
Age
364297
Etag
"49c787cffe912fe06d8531a62e0a3b37+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5726
embed.vendors~ondemand.horizon-web.en-js.60847aef3cd2d92fa581.js
platform.twitter.com/embed/ Frame 8B8A 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.60847aef3cd2d92fa581.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.46cb517d8fc1d7c7990f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
1a09763158fa1dd846d425bec6eb6a6c181fab91076281b00a1abe0bac9107f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 21:58:30 GMT
Server
ECS (frb/675D)
Age
364298
Etag
"ed9e41f7240f96db3c98924635a3b5bd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
8783
embed.ondemand.i18n.en-js.8f41b8dc12f7544a2fc8.js
platform.twitter.com/embed/ Frame 8B8A 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.8f41b8dc12f7544a2fc8.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.46cb517d8fc1d7c7990f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
2a46e6d23e7589261bafc7a2f846e0fc7a7240c1dca2f7a94632e1db39a02ca2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 21:58:29 GMT
Server
ECS (frb/67D5)
Age
364298
Etag
"9ef2826375ff0324a15417e630138bd2+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2088
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.0b2cb4b94d641352e854.js
platform.twitter.com/embed/ Frame 8B8A 		139 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.0b2cb4b94d641352e854.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.46cb517d8fc1d7c7990f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
63097abe81597c090e58ca736089f7b1ca03982148429b6ca59ba9506413c221

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 21:58:32 GMT
Server
ECS (frb/6796)
Age
364298
Etag
"e48198227c2b9edcab23f4ddac11f1ae+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
38938
embed.vendors~ondemand.Tweet.b99020d3a43bb6fed741.js
platform.twitter.com/embed/ Frame 8B8A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.b99020d3a43bb6fed741.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.46cb517d8fc1d7c7990f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
ab8ce407dbde131da92f9b1f2bbb884c995efb49ba61b8d26ac03aed2b2b970f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 21:58:29 GMT
Server
ECS (frb/67D5)
Age
364298
Etag
"dce867877efe4149447b9d1353ebcc42+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5872
embed.ondemand.Tweet.6b7fb8e1466f07338f06.js
platform.twitter.com/embed/ Frame 8B8A 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.6b7fb8e1466f07338f06.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.46cb517d8fc1d7c7990f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
756e0e661c9311090f9f596a8c21ca34d8fe1265e6ddf6bec9afca292075a350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=ZephrFish&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1284462386053865472&lang=en&origin=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&sessionId=47c32cd6c3225c83a4064fe9cd6692d653bd59dd&siteScreenName=ZephrFish&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 18 Sep 2021 03:11:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 21:58:30 GMT
Server
ECS (frb/668D)
Age
364297
Etag
"4c75157123229d0503c61667d812891e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
12871
tweet
cdn.syndication.twimg.com/ Frame 8B8A 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1284462386053865472&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.3b04bfe3371598999823.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
383576f16a9b11bf23ca3df7a5357f7765a9842fb9f9a31bcaca3e2faf28b01c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src https://abs.twimg.com; script-src https://abs.twimg.com about:; style-src https://abs.twimg.com 'unsafe-inline'; font-src https://abs.twimg.com https://twitter.com; connect-src 'none'; object-src 'none'; media-src 'none'; frame-src 'none'; report-uri https://twitter.com/i/csp_report?a=ORTGK%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src 'none'; img-src https://abs.twimg.com; script-src https://abs.twimg.com about:; style-src https://abs.twimg.com 'unsafe-inline'; font-src https://abs.twimg.com https://twitter.com; connect-src 'none'; object-src 'none'; media-src 'none'; frame-src 'none'; report-uri https://twitter.com/i/csp_report?a=ORTGK%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"16-LGRtdrPlUULfESdbhaic1Iw99do"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
content-length
1723
x-xss-protection
0
server
tsa_f
x-frame-options
SAMEORIGIN
date
Sat, 18 Sep 2021 03:11:12 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
text/html;charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=1
access-control-allow-credentials
true
x-connection-hash
3bc5301c41384ea6e02e304af55ba41824f4365f73a339966569ac92d48fa21f
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210915&jk=2615838258392996&bg=!GxilGFzNAAaUnz4elJ87ACkAdvg8WrVMqzn8SK6Vrw5_4kQMJ2fN-8wgK-715HkbROY5w28-lDIC8gIAAACgUgAAAAxoAQcKANMx9FtCnzzt5RvsSUz99kg0GPA9fqdlXk6laUz352iS3R37g2Gu5UiJoLb1u2gdUisQ6y7zw12c099pcuHYCiMv3fVNqbSv2AQsaQTG2AHhsPyvgUHYM2RbD-GRRCBDzRL3b8skJ_sI98MuAr5YEg4jk6GE5SnXfVvOO2K8PSBeY1e0vuIzbk-qA3060HxopsYmn56Khnepkkr84HoVMvn2XDU9kr0qkROzoGgvZHYsX2He2FLsVbv12h-Vm1SkvSuso9k6hJkP0h_ICk47bLh1Ve-NmQJwKuFD6SiDRpp4Oxp3P0Vs3DwYqxkWv3xWhkFaQDj1u0p4aajFdqpvBtq3wUnDbbBXQAdDzbeDmmROfGMCpzx0YpFUpwvjyrFGWP47fCRaj0gVPB7XkUHuCJx_DaW0DYGpCM57tgwHroQeAwvzIgA_Ti-MkaXOTjdOWOzKM9abmIMBntmsYjYiunlW1HACvh2-uD3VOEBmTK92vFVbV7czlvSXBBu8BHhqcOtU-Asorpu1slYG93Li_Kel6nQqjGKafD5XBvT_cwV1OTE0KIyqXuzBsIEvDZpyXRY9JU0Y5gUZmc1G5MTvNyrZA67WMtp9Bg-SwkbVwWg8UprxSYbNzPltHH0XDoC-0PsabN_FbFr6rHqorYyAuDYbxZ8o9kw9E5Z5Gy6J7Dm-ICFsxvJ6PQsTQsP9RtiBzKlMoTXJzONm4fhezN4cHnTBXmFuYXvUOlRN6JwjoBXWc3D6wYZKIhsdgN1CmXn6UefdR9Vs96RxNIHHiKyZLE2W3K5J5yyEqLszTaJf9BEAczq6vZE9AcFSLW45yyDEmrXaGlvF-SGGPT2LMLhmcxG8P4aXXMpiqZt-uQZ9hOS9RT5MRxafP5Tcer6Fm_zmHkEm5T6_QmZ1NhOrN8UsuTHDZdlbYySbBssIkfi4EeN8HJcxhX2_oDqfsFnBTPOhu03uoGAMPGrtUNU-fx2lx9VO9K-XH5VOBvQ2vUPrPPTdCcJbuFWnv5qmBRmGAskUd1bF6WWf7WhQ1zgbWNOu9zF7qS4aYuu6eB-FktKPVnDCgcRBApZwJgXRi4wdyOY_RO7dKe_LqzsOjrPlx6pZk9zaZPDn0NEn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://blog.zsec.uk/cve-2020-1350-honeypoc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
jot
syndication.twitter.com/i/ Frame 8B8A 		0
0
log_event
www.youtube.com/youtubei/v1/ Frame 9B80 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/dQw4w9WgXcQ?feature=oembed
X-YouTube-Client-Version
1.20210915.1.2
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgsyWWlfZHByUklxOCjPsZWKBg%3D%3D
X-YouTube-Ad-Signals
dt=1631934671940&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1100%2C618&vis=1&wgl=true&ca_type=image&bid=ANyPxKohgaAf-07EyVPdLcTQZb2gVmpl2FvLELLSrr7MV8K_vmLYHPOzDDrtkhO04WikHmZ7hiQNBn7P102CAhot7gEDa0IGww

Response headers

date
Sat, 18 Sep 2021 03:11:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
syndication.twitter.com
URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1631934672948%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22no-results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22ZephrFish%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22ZephrFish%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225f6722ab3f792%3A1631570296139%22%2C%22item_ids%22%3A%5B%221284462386053865472%22%5D%2C%22item_details%22%3A%7B%221284462386053865472%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: YkEYpHzpo6U
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 2Yi_dprRIq8
.zsec.uk/ Name: _ga
Value: GA1.2.606024588.1631934672
.zsec.uk/ Name: _gid
Value: GA1.2.73659574.1631934672
.zsec.uk/ Name: _gat
Value: 1
.zsec.uk/ Name: __gads
Value: ID=0cbae6c71214e69f-224e104937c900e8:T=1631934671:RT=1631934671:S=ALNI_Mal_ouYN0cuA3fU-iTEpbFy1xd-lg
.doubleclick.net/ Name: IDE
Value: AHWqTUnO0OS8BRMKRI_giRvcIglgJ__mNBH6TAnme-YIGoMeo0hvKY_cnJahAbT4
m.stripe.com/ Name: m
Value: 7ce219a4-e0f2-428c-980c-681673a4caed32658e
.blog.zsec.uk/ Name: __stripe_mid
Value: 9dddef6d-5c7f-4510-9734-642927d036ffe21bff
.blog.zsec.uk/ Name: __stripe_sid
Value: 28eb934d-5576-4390-814c-afb02fa5c460d249a0

2 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5360859507810376&output=html&adk=1812271804&adf=3025194257&lmt=1631934671&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fblog.zsec.uk%2Fcve-2020-1350-honeypoc%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631934671687&bpp=2&bdt=402&idt=78&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=691838561888&frm=20&pv=2&ga_vid=606024588.1631934672&ga_sid=1631934672&ga_hid=962390834&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2615838258392996&pem=166&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1284462386053865472&lang=en
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
blog.zsec.uk
cdn.syndication.twimg.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
js.stripe.com
m.stripe.com
m.stripe.network
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
syndication.twitter.com
104.16.123.175
104.16.19.94
104.16.95.65
104.244.42.72
13.224.193.79
142.250.181.226
142.250.185.130
142.250.185.193
142.250.185.206
142.250.185.225
142.250.185.226
142.250.185.68
142.250.185.99
142.250.186.118
142.250.186.134
142.250.186.170
142.250.186.66
142.250.186.78
142.250.186.99
142.251.5.154
151.101.192.176
172.217.18.98
172.217.23.98
172.67.139.154
192.229.233.25
192.229.233.50
35.165.21.246
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8
044edff8b3adbc435bf7e3de587d68fc195df36b2f067feb6daca1b0bd2431a8
0af8def86e50f37bcd9042ae5bc274bb19417df6f41636317b2945f15543cf11
0d5d9b6b469780ffcd3a780def54a65e3f59f6ae684142855bf7d269398961c6
0e932077700b08707120f8b3243472af89cb67c44f3cd2e9b073be8f3939dd69
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
18cbb9f1e279a3f921dd8cb81817f3abd37e24f3f153f1ad07692da548dda2b9
1a09763158fa1dd846d425bec6eb6a6c181fab91076281b00a1abe0bac9107f5
1a661b4acb4f78106d9249b9b0b2f361101487e09581415d583568a4a3ce1946
1b15fe2971998a048aebb60f26f6eed76122071db9ef3b995abd003224f52a98
1bcb84674284a11fce9d961c76916f2b6da1dc14bcda6bbe21860dcd42425135
1c1e9899ade0fb1704299ad5e021e55601a11e37669f77fa395be0817b1c795f
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
23028739cb79ca98b9f6f2edf55051f7315eefbc864f46768ae50fb2e374486a
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
2a46e6d23e7589261bafc7a2f846e0fc7a7240c1dca2f7a94632e1db39a02ca2
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085
383576f16a9b11bf23ca3df7a5357f7765a9842fb9f9a31bcaca3e2faf28b01c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae
4f2f7534931488bb7af4dd1c1f577aae2f473bbdd85690dc6abfb08f09385158
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50920d8441a24f9ef9420f3b3fafc9cf5ce7283c8150c2548e607c49e9ed0c48
551602f7d417393dee7ab3c9ff79ca9a5947fa492387993a756295f0ad5c9bb8
57b03761fa62bc47729e45de0d85d2597691a68cfbf3c306038dfe93365d7f0d
5b9862c91e2742469cc312245e954ac34453a0b987b0bf08751708cb2994d3f2
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
5d4d97b1aa88aa1c1fd9747a77f8438ee1f788d91e27dcd3b77ec07ddfbb49c5
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60a9aa4e00309bcc6c2d95ae3a5a7f3e680dc8da36c3feff01f23d1ba5b0e471
62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7
63097abe81597c090e58ca736089f7b1ca03982148429b6ca59ba9506413c221
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68cb22eeada6da0107da7828b0de8db34f6eceb449fbb079d719c146164ab947
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6bd3914bbbab0d69e9057b0d1857fb30e65b52bd12221d2d55dff05a0b522cd7
6df3eea50f5702832bc7352e96f4d1c4e19a671fcf41de861247c395373b8561
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
756e0e661c9311090f9f596a8c21ca34d8fe1265e6ddf6bec9afca292075a350
796c043363b34ed6558401863d5a6f62f75b958c4d16b03392b839d1db517922
7a30764b5286423769de4a85297de6e43c957494f265cb38fb84328091bbc839
8d648907a22eb30d672c1f88ab0934769f53da34a7e5b4732d72421355663885
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9bc018da8df1b9da37b998f4eab3857d0784a7528c231891cdc400e7b045ddb4
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab8ce407dbde131da92f9b1f2bbb884c995efb49ba61b8d26ac03aed2b2b970f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b32a7a0514c4e37e89dbe6510c6b5eae1d6f48b7767ad8e99bff88b8952bad57
b4489e89ae040fc7c1b4d6ec71d92638326dd36b0d3ca5e28900cbbf559acc73
b5b7d050767fda9c2d6bc93f2c6a7a386dcdda6573694dad9ee21e0545d64b24
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bfae4355233e8bd2b027dfbe86753711ce42c666271782b8115e2b9bab4e0a47
bfe1c96d2b61be1e17839f9e3d734ba10701c7be4a38faff1a63f4aedc3d31de
c02fc68565112773536bdc781f6ec47a0bca8c0d41a3282da31bf28419aaac98
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cb0fde09218c8e13e30efd007a8ce2bcfd68b2e19a960a643aefcd975f907367
cb203da91b3fee59f83138992e73681d4c74baa97fbabe103a81185edcb105f1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d4f488d2d4b4fa9ca0668acbcaccddec56af46060aa2d37b556899fca6279391
d72c687f5bc9266ab50f49198cc547413dcd0bddf04588b1e5e1b923e67c67ff
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d89bc43ee1ea0f5484a5e28c3c3c5839c07355fc69be8d4a7b5d3f28baab9301
daba7813f24af897ca353ee89f5965dcfd3190fc685deac73c94a2c3c793da96
dca7d5de8bf2c12c1c173aa6d795b1b39017e0f7f9625b9ca75a121866bcc560
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df7430d25377aa8eed2d92f873bbc32c26a9454b3e80db5045a5483879383abb
e0244e08ecf5ea74636a7bb1320864cd9cc239d9b02d7c45a823025bb5c6fe50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ec8fc875b3ccd7b41d8ea44dc295588f8883180430ed9147cbd452494d72bcb1
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee1d853a3f0f6ec8655c56c1ef060709131a77ed1a1896fb1c7327433417be24
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef463dc4400b77b295460ed661ef77b24e420b82b5d5c613f6afa23de1cba444
f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c
f27791bfdf1ed2b810f77a1cdd427034fc23cd5d12517c729de3e446dcc77c4e
f5705be943f978fb4fc651b3a38163760e3ac92117e4f7b752b7bf1c68ebe188
f8b409782883bf59fbbb55c76fdb402591441eb13b42264a57efa65a5a4158ec
fb945ebbec373fc6874ae979c49ef1e5ceb036f999f57f2c62f23470d0106d50
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62