urlscan.io logo urlscan.io
SecurityTrails logo

blog.zsec.uk Open in urlscan Pro
2606:4700:3034::6815:46d2  Public Scan

Go To Rescan Add Verdict Report
URL: https://blog.zsec.uk/nmap-rtfm/
Submission: On May 07 via api from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3034::6815:46d2, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.zsec.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.
This is the only time blog.zsec.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    2606:4700:3034::6815:46d2 (United States)

ASN13335 (CLOUDFLARENET, US)
blog.zsec.uk
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js.stripe.com
2    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)
images.unsplash.com
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
m.stripe.network
1    34.208.121.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-121-230.us-west-2.compute.amazonaws.com
m.stripe.com
Domain Requested by
17 blog.zsec.uk blog.zsec.uk
ajax.cloudflare.com
unpkg.com
12 cdnjs.cloudflare.com blog.zsec.uk
ajax.cloudflare.com
cdnjs.cloudflare.com
7 pagead2.googlesyndication.com ajax.cloudflare.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.google-analytics.com blog.zsec.uk
www.google-analytics.com
3 js.stripe.com ajax.cloudflare.com
js.stripe.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 unpkg.com 1 redirects blog.zsec.uk
1 m.stripe.com m.stripe.network
1 m.stripe.network js.stripe.com
1 images.unsplash.com blog.zsec.uk
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ajax.cloudflare.com blog.zsec.uk
1 fonts.googleapis.com blog.zsec.uk
64 21

This site contains links to these domains. Also see Links.

Domain
leanpub.com
github.com
www.paypal.me
nmap.org
stackoverflow.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-04-14 -
2021-08-04		 4 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
imgix2.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-14 -
2021-07-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-16 -
2021-08-04		 4 months crt.sh

This page contains 6 frames:

Primary Page: https://blog.zsec.uk/nmap-rtfm/
Frame ID: 08FCA60B9D0450E6A8020A6694D00C1C
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210504/r20190131/zrt_lookup.html
Frame ID: 7A727F5AE0B1D3A8F5E855538539BD5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5360859507810376&output=html&adk=1812271804&adf=4235265862&lmt=1620345639&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fblog.zsec.uk%2Fnmap-rtfm%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620345638615&bpp=10&bdt=1457&idt=579&shv=r20210504&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1568031865756&frm=20&pv=2&ga_vid=1769220849.1620345638&ga_sid=1620345639&ga_hid=1796255752&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C182982100&oid=3&pvsid=3129405483472464&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=612
Frame ID: 6B93E0F0F7B4FEA62683126A648B6894
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
Frame ID: F0D6BE095CACC2EB1E36DDAD2EDAED54
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1D69EDD803ED6A1FA93E742392123540
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 960F292321D4974EAB0D69D78ECF1BD6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

64
Requests

100 %
HTTPS

81 %
IPv6

15
Domains

21
Subdomains

21
IPs

3
Countries

1118 kB
Transfer

2773 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://unpkg.com/@tryghost/portal@~1.0.0/umd/portal.min.js HTTP 302
  • https://unpkg.com/@tryghost/portal@1.0.2/umd/portal.min.js

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blog.zsec.uk/nmap-rtfm/ 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/nmap-rtfm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9d9c4034cf66cdc7ed16bc723aa65b6233262772259fefdcd6d76f7e972b117f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
blog.zsec.uk
:scheme
https
:path
/nmap-rtfm/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636; expires=Sun, 06-Jun-21 00:00:36 GMT; path=/; domain=.zsec.uk; HttpOnly; SameSite=Lax; Secure
x-powered-by
Express
cache-control
public, max-age=0
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
cf-request-id
09e5b95fea00004e7af99a9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TLSI7S33X4El0gOKledMiUH2H4WAvQGtLLHnIZNHwrigJ4A6EZKfSluJZeOBDH%2BBxwTmWBySRpUfWBYoZbN3hpKW5jFmf9%2BMhtWTR49Rcbafql27jUktTL8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
64b62b4649d54e7a-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
T1yD9DLCXRcTVPMZyuU7nvkM29E.js
blog.zsec.uk/cdn-cgi/apps/head/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/cdn-cgi/apps/head/T1yD9DLCXRcTVPMZyuU7nvkM29E.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5fb47c81bbed3f443dad85c60698e903b3a10ec4998ad1b172fb2fe155b30ef
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/apps/head/T1yD9DLCXRcTVPMZyuU7nvkM29E.js
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
784244
content-type
application/javascript; charset=utf-8
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
C4JB1M570WBYEY67
x-amz-id-2
EZM0SzW5gaS4A46QjvK9NLmooPQr4e4QxDJ1bwiONj/YWJfuuVHBeM7peuJvPKVKEaYajCkLpug=
last-modified
Sun, 15 Oct 2017 11:41:33 GMT
server
cloudflare
etag
W/"0d6c3073020a19c718b471f7df0c0a4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JFRHwVshxfmh6qbqyxwInJz5OuVa4bBnNyXhgeq8kZyqF%2F6epW7QxOxKcvZWxlEM%2BNOhI7%2BGGiTk4eFWDkFvR9u184oC7E6liET66%2BiCCgCxCNKJF3VmeXo%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id
SBw9zcPjwsr_fnG9qWHbNoXr8ozHVOWZ
cache-control
public, max-age=31536000
cf-request-id
09e5b9615c00004e4af6aef000000001
cf-ray
64b62b489cb84e4a-FRA
css
fonts.googleapis.com/ 		11 KB
845 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,300,600|Oswald:400,700|Montserrat:400,700
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1c2675310ec47689b8ad0068908e615dcd7d7f1abd5e11b2e0ec061194443d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 May 2021 00:00:37 GMT
server
ESF
date
Fri, 07 May 2021 00:00:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 May 2021 00:00:37 GMT
extra.css
blog.zsec.uk/assets/built/css/ 		209 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/css/extra.css?v=2387841756
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7a30764b5286423769de4a85297de6e43c957494f265cb38fb84328091bbc839
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/css/extra.css?v=2387841756
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
217181
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"344be-1784ce5cc66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MdfLRBqPNmbx1OdLww5Cfj8ZCk4VQCuSTbswjlkIFqmTbaqMX61vmWYHGTVSczvFq%2Bp8sumkpgsq7SOXvkrb7tUOIXwrHbT%2BrmOHnodTJrnvmIO0wJh2CWg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-request-id
09e5b9615d00004e4ab3113000000001
cf-ray
64b62b489cbb4e4a-FRA
cf-bgj
minify
extra-post.css
blog.zsec.uk/assets/built/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/css/extra-post.css?v=2387841756
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dca7d5de8bf2c12c1c173aa6d795b1b39017e0f7f9625b9ca75a121866bcc560
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/css/extra-post.css?v=2387841756
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
265856
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"ced-1784ce5cc66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XhFmPE3dVM9gk5uGO68naQ8wBXldVP915Noddt855zmLmwjAJHeOk%2FOBfdwQRRzpZ5%2FFmuf3OIn5JaWWM4%2BMODq8mmdXugqbQpQN0kIkhsZQbQgBNtM9np0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=3309
cf-request-id
09e5b9615d00004e4a31909000000001
cf-ray
64b62b489cbd4e4a-FRA
cf-bgj
minify
style.css
blog.zsec.uk/assets/built/css/ 		52 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/css/style.css?v=2387841756
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d72c687f5bc9266ab50f49198cc547413dcd0bddf04588b1e5e1b923e67c67ff
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/css/style.css?v=2387841756
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
49838
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"d1ad-1784ce5cc62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QOjBd1uPdbRY%2BlCXhDHWYZoMZiwiheFZCnWmKZu9xRuiuDKVwOfDslfg5IYf61qEn8FmFcGzNJlNiFkvmlyTqXaSHXEowoo%2FE%2B7WO9o6z%2FvXxZBqReyXFE8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=53677
cf-request-id
09e5b9615d00004e4a16be4000000001
cf-ray
64b62b489cb94e4a-FRA
cf-bgj
minify
tocbot.css
cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.2/ 		565 B
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.2/tocbot.css
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1187486
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
228
cf-request-id
09e5b9616c000096f8341bd000000001
timing-allow-origin
*
last-modified
Sun, 07 Jun 2020 21:41:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5edd5f21-235"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A0qsLcashnzVl9YNT0892riZHVM1WMWjzfF%2FM9k%2BSaAqEmF9IQ1uZs7%2BCzBvBlbbVL3%2FNTeJPHDfCbIt1ivSOSwHUYDHL%2Flj0cWRTUoLIhN3hF1O%2Fwb6yH4%2BzkX6lonx8A%3D%3D"}],"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b48ad4196f8-FRA
expires
Wed, 27 Apr 2022 00:00:37 GMT
prism-tomorrow.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/themes/ 		1 KB
819 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/themes/prism-tomorrow.min.css
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b15fe2971998a048aebb60f26f6eed76122071db9ef3b995abd003224f52a98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1185417
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471
cf-request-id
09e5b9616d000096f8303a4000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a6-521"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4nAZ%2Fd7G3BUQwB9I%2FcXJYcwQod9Kl71vMnD1Sgedi7xV688OMyEdU6xl%2FoBEjQ9vem32OYBPcUtgABxGqfdl%2BfjEvU9nDje9%2F2ZD8s1nfJWUfEKF2oA8SmXYhjgxtt2h7A%3D%3D"}],"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b48ad4296f8-FRA
expires
Wed, 27 Apr 2022 00:00:37 GMT
prism-toolbar.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/toolbar/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/toolbar/prism-toolbar.min.css
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a9aa4e00309bcc6c2d95ae3a5a7f3e680dc8da36c3feff01f23d1ba5b0e471
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1318127
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
289
cf-request-id
09e5b9616d000096f838a26000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a4-407"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1wJV4hXk5QASL2BDaVqE5o2RA0mR5%2F07yJyS5Bop9XbwTefjnPi9c4pfJURKmcqwyVxvcPhgjnBj09icN6Hk8ItOB%2B8uvP0axJz%2Bzvx%2B4oRU5rwp8a8lpgn605AJ0jtd9w%3D%3D"}],"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b48ad4396f8-FRA
expires
Wed, 27 Apr 2022 00:00:37 GMT
prism-line-numbers.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/line-numbers/ 		609 B
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/line-numbers/prism-line-numbers.min.css
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0244e08ecf5ea74636a7bb1320864cd9cc239d9b02d7c45a823025bb5c6fe50
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1184044
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
201
cf-request-id
09e5b9616e000096f83610f000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:55 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a3-261"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BSpejFCOTKX4anMKjQoa3ZQYnpXEXOhp%2FSYvluPQfq0v%2B%2FoWbqZ2j9j2hk%2FfwUTbL%2Bg6x2k4YKubEuzhClJznwop5yR1aGz8ll%2Fou1KzpUgJ7uWlmL2sleMEJD4LI9dXsw%3D%3D"}],"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b48ad4496f8-FRA
expires
Wed, 27 Apr 2022 00:00:37 GMT
BannerPublish-1.png
blog.zsec.uk/content/images/2017/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.zsec.uk/content/images/2017/10/BannerPublish-1.png
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c02fc68565112773536bdc781f6ec47a0bca8c0d41a3282da31bf28419aaac98
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/content/images/2017/10/BannerPublish-1.png
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1041276
x-powered-by
Express
vary
Accept-Encoding
content-length
1637
cf-request-id
09e5b9621500004e4ab88e4000000001
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Oct 2017 19:38:05 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"665-15f26b17738"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f%2BNSIid5nbi5doVfRzlLXe2iSlcmLoLmmcxECeR0SUyuRPCd68D6mjLrn3q5fke%2Bj0oVUe2y%2FVkUXWyDoek%2BxZaufhlZEJHwz0z066JzF98RAeUG7G%2Fp9Gc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
64b62b49bf1a4e4a-FRA
email-decode.min.js
blog.zsec.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"max_age":604800,"report_to":"cf-nel"}
vary
Accept-Encoding
cf-request-id
09e5b9621700004e4ad9b22000000001
last-modified
Fri, 30 Apr 2021 09:06:15 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"608bc887-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nnm1NvS6TKF009tLxxu8o%2FnFiy4eAbLdc35423Uy%2F6C3a5byAEwGbEkf5k23yJR15oTa2TSAiuiw4jEtwXPYPN5ca4YryYjARN2AbzuIWKr%2BgVaBqP0o2lM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
64b62b49bf184e4a-FRA
expires
Sun, 09 May 2021 00:00:37 GMT
tocbot.css
cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/ 		565 B
978 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/tocbot.css
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1186786
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
228
cf-request-id
09e5b9621d00004e2b3dad3000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fff-235"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ztfTua2BSOaPDf%2BWJN%2BvAWzoyXo8QmvL%2B2I%2B%2FwFowWddRB4P882EdXBqQox3paoM%2F%2B6%2B1Os4u6LN6XNv9MaS%2BjF5vbzcdX0oGTsnKHKXo8Y7yozAdKZsEs3ddKwDZ4h6%2Fw%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b49cc654e2b-FRA
expires
Wed, 27 Apr 2022 00:00:37 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"max_age":604800,"report_to":"cf-nel"}
vary
Accept-Encoding
cf-request-id
09e5b9625c000005e4a23d5000000001
last-modified
Fri, 30 Apr 2021 09:06:15 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"608bc887-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y706HBUZPnNGyXhdfgzPB3QHQwCAzdHz0qV%2FrzWTs2Wn4aUlnKrlOIeIJjFAGwOzQVNYltFQLKVrnXiQ%2FuzbZLiBpoUkOGcEK%2BhWi2NfPHoCf95YxMSsphqbyzAHWnWD"}],"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
64b62b4a2e0f05e4-FRA
expires
Sun, 09 May 2021 00:00:37 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cdn-cgi/apps/head/T1yD9DLCXRcTVPMZyuU7nvkM29E.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5625
date
Thu, 06 May 2021 22:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 07 May 2021 00:26:52 GMT
8vjFsP3vhVdwiUtPzhnKLepvkHw.js
blog.zsec.uk/cdn-cgi/apps/body/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/cdn-cgi/apps/body/8vjFsP3vhVdwiUtPzhnKLepvkHw.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/cdn-cgi/apps/head/T1yD9DLCXRcTVPMZyuU7nvkM29E.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a31e4c9fb5d42941bcccd1251e4874b8c79b62e039f3816bdefc356751a1864
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/apps/body/8vjFsP3vhVdwiUtPzhnKLepvkHw.js
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
801774
content-type
application/javascript; charset=utf-8
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
C4RAZDQYYNJAG1NE
x-amz-id-2
jTEixHKxs49rJqMr822Vn+pl4SZWyQR/uCfHuxVJjU1G9Xmp3tZSFYxGzqEfkuTKj8Kp8pLyIOc=
last-modified
Sun, 15 Oct 2017 11:41:33 GMT
server
cloudflare
etag
W/"63563227973055f0a973129e6c4782b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=abYSZysWb8%2FA0OylEv7TkmGL%2BNojoRz6PsCGlzAbseBdchqM9Rdo%2FClIXqk0RG%2BUM3A5gZoi3zaUtYQEQ8TEgVjufsk5cNUdXLHWtvHkHTNCv26vbfGl0eg%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id
xD9.Hw6JMxeLo5i0Lup1hzzGHLPqPj7M
cache-control
public, max-age=31536000
cf-request-id
09e5b9621500004e4ab311f000000001
cf-ray
64b62b49bf1b4e4a-FRA
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,600|Oswald:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.zsec.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 22:04:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
179785
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Wed, 04 May 2022 22:04:12 GMT
fa-solid-900.woff2
blog.zsec.uk/assets/built/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/webfonts/fa-solid-900.woff2
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/assets/built/css/extra.css?v=2387841756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://blog.zsec.uk
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
:path
/assets/built/webfonts/fa-solid-900.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/assets/built/css/extra.css?v=2387841756
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/assets/built/css/extra.css?v=2387841756
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
939417
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75440
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"126b0-1784ce5cc4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=beF8CVooLS7v7j%2BZhuwl%2FFqb57y5Jf6Kw0G8Ch8nWJVXmlovgGqvAsa6h%2BLrfCM7LoR4Ko2nKoP3CkflTKvB3PKln3%2F0EPWaQ1cH3SykcRKM7oqZaMhbjCQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
https://blog.zsec.uk
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-request-id
09e5b9625b00004e4ad3330000000001
accept-ranges
bytes
cf-ray
64b62b4a283b4e4a-FRA
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,600|Oswald:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.zsec.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 21:35:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:31:19 GMT
server
sffe
age
181497
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24064
x-xss-protection
0
expires
Wed, 04 May 2022 21:35:40 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,600|Oswald:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.zsec.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 10:38:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:37:32 GMT
server
sffe
age
48135
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47272
x-xss-protection
0
expires
Fri, 06 May 2022 10:38:22 GMT
fa-regular-400.woff2
blog.zsec.uk/assets/built/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/webfonts/fa-regular-400.woff2
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/assets/built/css/extra.css?v=2387841756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://blog.zsec.uk
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
:path
/assets/built/webfonts/fa-regular-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/assets/built/css/extra.css?v=2387841756
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/assets/built/css/extra.css?v=2387841756
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
660599
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13580
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"350c-1784ce5cc52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yKd%2B%2BmGau5jaJmTnzONGfllSHkcwPP9Z1DuPRW6ipV296nDBWOt2%2BKBNitYNtibE8Oyn6weCyUXvC32Y%2Bv02mV6E3wsrjiT8ngksPwIUl1Ve6V%2BATSvulMg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
https://blog.zsec.uk
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-request-id
09e5b9625b00004e4ace3fd000000001
accept-ranges
bytes
cf-ray
64b62b4a283f4e4a-FRA
fa-brands-400.woff2
blog.zsec.uk/assets/built/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/webfonts/fa-brands-400.woff2
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/assets/built/css/extra.css?v=2387841756
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://blog.zsec.uk
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
:path
/assets/built/webfonts/fa-brands-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/assets/built/css/extra.css?v=2387841756
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/assets/built/css/extra.css?v=2387841756
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:37 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
939417
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74508
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"1230c-1784ce5cc56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xLkCigtOgLOJXaz9ai%2FFx9qwmOpfA4DFo3WACLKTU3QNwVPbrT08LhTvvof9OJ6xfHP7ONVezPM37ZpuGiI5ePEzcsXts2xqnQat6UIUrC47hbliXozyJd0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
https://blog.zsec.uk
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-request-id
09e5b9625b00004e4ab88ed000000001
accept-ranges
bytes
cf-ray
64b62b4a28404e4a-FRA
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,600|Oswald:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.zsec.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 04:11:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
416947
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Mon, 02 May 2022 04:11:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcb15ff20a1b1dd556cb6976d64dc8bc45c29048d7aceccd019290f6be5f19f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47995
x-xss-protection
0
server
cafe
etag
2150384643788330774
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 07 May 2021 00:00:38 GMT
tocbot.min.js
cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/tocbot.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f41451ee670abd2cf15681d5d3c8497db9266c141d545a6cc8e2f98505512e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1186787
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3203
cf-request-id
09e5b964dc00004e2b82b14000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fff-2b9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vzwC7zIG0LoqyxP1suhnTUROYw4bbBNyRl0W1KDZGqwgur95nL8cvs5EeC1vdBhmyDfbmLMOXHgh%2FWLZ7INOY7uEIcRyxmal%2B04VkwBvRdwgzThSpF5GZcZYYs4p6jAakw%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b4e2e854e2b-FRA
expires
Wed, 27 Apr 2022 00:00:38 GMT
main.js
blog.zsec.uk/assets/built/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/js/main.js?v=2387841756
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
796c043363b34ed6558401863d5a6f62f75b958c4d16b03392b839d1db517922
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/js/main.js?v=2387841756
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
272265
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"cd3-1784ce5cc5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BVvxAYRb8QD4Kfmvcg3vtv7IefUSG0723Ig0b%2BkHcj2NjB4uEHt4oFJli%2BE3ENUfwDh8AGuJ36ZGHCJV8bBROf1VvYDQkgFVo5Q%2F2UTAzDGocKbmjAMaiZw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=3283
cf-request-id
09e5b964db00004e4a1fa13000000001
cf-ray
64b62b4e2f7f4e4a-FRA
cf-bgj
minify
extra-post.js
blog.zsec.uk/assets/built/js/ 		331 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/js/extra-post.js?v=2387841756
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1a661b4acb4f78106d9249b9b0b2f361101487e09581415d583568a4a3ce1946
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/js/extra-post.js?v=2387841756
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
208502
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"52c1b-1784ce5cc62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8pdS%2Fg0oV8AgB6aorLCxd%2FFzsIBn1gQtVHKBf%2F0zhRJl%2BOW%2Bcgb8%2FObGITKybLf5XXKJdF1b0jydzJt8lkw85J9r%2FXczBTRJ%2B1egn4psLPayV3kNmWXJFIY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=338971
cf-request-id
09e5b964dc00004e4a229b6000000001
cf-ray
64b62b4e2f804e4a-FRA
cf-bgj
minify
extra.js
blog.zsec.uk/assets/built/js/ 		213 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/assets/built/js/extra.js?v=2387841756
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
044edff8b3adbc435bf7e3de587d68fc195df36b2f067feb6daca1b0bd2431a8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/built/js/extra.js?v=2387841756
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
217182
x-powered-by
Express
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 23:50:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"3548f-1784ce5cc5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UItAluqxDYgbJUvE513pE44irdIXWce1bRZPSxgrKOxxHiL%2F%2FpEr9BQPuHMuLBEppAWbkXIVTOSrjbc0M14on4aSus4nBDQRzrgvdpIkaViemezTbpqY%2FkI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=218255
cf-request-id
09e5b964dc00004e4a0b12e000000001
cf-ray
64b62b4e2f824e4a-FRA
cf-bgj
minify
/
js.stripe.com/v3/ 		230 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
389d25fcb4aedc73321f09a65085bf2ff4adea5868600b29053a101ec232d04e
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:38 GMT
content-encoding
br
vary
Accept-Encoding
age
18
via
1.1 varnish
x-cache
HIT
content-length
55561
x-amz-id-2
IzQi6eVID7gedEMrlLWBIFOiy0VkWaHZ45UWOSyH2tY/kZkliih8+s86LWqDy5q0iTknJ09tbO8=
x-served-by
cache-fra19178-FRA
timing-allow-origin
*
last-modified
Wed, 05 May 2021 21:04:10 GMT
server
AmazonS3
etag
"f6611af41ef2fd456fc0626641f6d4f3"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
D0BYGFZZA84CXMWX
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
11
portal.min.js
unpkg.com/@tryghost/portal@1.0.2/umd/
Redirect Chain
  • https://unpkg.com/@tryghost/portal@~1.0.0/umd/portal.min.js
  • https://unpkg.com/@tryghost/portal@1.0.2/umd/portal.min.js
311 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@tryghost/portal@1.0.2/umd/portal.min.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d46a12c9a3a026f3666a1b709aeaf81d5dc89c45224db7575bfe395c3fc020
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3896147
vary
Accept-Encoding
cf-request-id
09e5b9664300002be956340000000001
last-modified
Fri, 19 Mar 2021 07:24:54 GMT
server
cloudflare
etag
W/"4dbbd-pYjNzZxc2Ea44eM9pf9aFvSpgI8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
df1fe7e6718116af6adb2261a152b9a9
cache-control
public, max-age=31536000
cf-ray
64b62b506b382be9-FRA

Redirect headers

date
Fri, 07 May 2021 00:00:38 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
342
vary
Accept, Accept-Encoding
cf-request-id
09e5b9658600002be93f8d5000000001
fly-request-id
01F521P0Z35XAS0RCT2MDE8BQF
server
cloudflare
location
/@tryghost/portal@1.0.2/umd/portal.min.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=600, max-age=60
cf-ray
64b62b4f38c72be9-FRA
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1796255752&t=pageview&_s=1&dl=https%3A%2F%2Fblog.zsec.uk%2Fnmap-rtfm%2F&ul=en-us&de=UTF-8&dt=NMAP%20Tips%3A%20RTFM%3F%20%7C%20ZeroSec%20-%20Adventures%20In%20Information%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1307214937&gjid=10063181&cid=1769220849.1620345638&tid=UA-81202681-1&_gid=103095098.1620345638&_r=1&_slc=1&z=783260089
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 07 May 2021 00:00:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.zsec.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-81202681-1&cid=1769220849.1620345638&jid=1307214937&gjid=10063181&_gid=103095098.1620345638&_u=YEBAAUAAAAAAAC~&z=1297947648
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 07 May 2021 00:00:38 GMT
content-type
text/plain
access-control-allow-origin
https://blog.zsec.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-81202681-1&cid=1769220849.1620345638&jid=1307214937&_u=YEBAAUAAAAAAAC~&z=243016327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 00:00:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-81202681-1&cid=1769220849.1620345638&jid=1307214937&_u=YEBAAUAAAAAAAC~&z=243016327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 00:00:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210504/r20190131/ 		224 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210504/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5c385bee34ff69aae909c712e0dd08b64e3963e534430800b054a72a051126e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84599
x-xss-protection
0
server
cafe
etag
157588344034437020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 07 May 2021 00:00:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210504/r20190131/ Frame 7A72 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210504/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210504/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/nmap-rtfm/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://blog.zsec.uk/nmap-rtfm/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 06 May 2021 16:57:50 GMT
expires
Thu, 20 May 2021 16:57:50 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
25368
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		197 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=blog.zsec.uk&callback=_gfp_s_&client=ca-pub-5360859507810376
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210504/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e4bca76018c14830857f7cee3dd7a0a549062db95a58e4ac96337f8f6c216deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=blog.zsec.uk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210504/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=blog.zsec.uk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210504/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6B93 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5360859507810376&output=html&adk=1812271804&adf=4235265862&lmt=1620345639&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fblog.zsec.uk%2Fnmap-rtfm%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620345638615&bpp=10&bdt=1457&idt=579&shv=r20210504&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1568031865756&frm=20&pv=2&ga_vid=1769220849.1620345638&ga_sid=1620345639&ga_hid=1796255752&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C182982100&oid=3&pvsid=3129405483472464&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=612
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210504/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5360859507810376&output=html&adk=1812271804&adf=4235265862&lmt=1620345639&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fblog.zsec.uk%2Fnmap-rtfm%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620345638615&bpp=10&bdt=1457&idt=579&shv=r20210504&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1568031865756&frm=20&pv=2&ga_vid=1769220849.1620345638&ga_sid=1620345639&ga_hid=1796255752&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C182982100&oid=3&pvsid=3129405483472464&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=612
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/nmap-rtfm/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://blog.zsec.uk/nmap-rtfm/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 07 May 2021 00:00:39 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 07-May-2021 00:15:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210504/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30b250c89aa882cdf15a274e8e754f9b1f8106191180cfa81cd3c0d005f4cca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214051398855"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Fri, 07 May 2021 00:00:39 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5627
date
Thu, 06 May 2021 22:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 07 May 2021 00:26:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcb15ff20a1b1dd556cb6976d64dc8bc45c29048d7aceccd019290f6be5f19f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47995
x-xss-protection
0
server
cafe
etag
2150384643788330774
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 07 May 2021 00:00:39 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1796255752&t=pageview&_s=2&dl=https%3A%2F%2Fblog.zsec.uk%2Fnmap-rtfm%2F&ul=en-us&de=UTF-8&dt=NMAP%20Tips%3A%20RTFM%3F%20%7C%20ZeroSec%20-%20Adventures%20In%20Information%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABAAAAAC~&jid=&gjid=&cid=1769220849.1620345638&tid=UA-81202681-1&_gid=103095098.1620345638&z=1968225257
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 21:59:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7259
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
prism.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/prism.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2f7534931488bb7af4dd1c1f577aae2f473bbdd85690dc6abfb08f09385158
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1190372
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5720
cf-request-id
09e5b969aa00004ab67cb8a000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a5-414a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dAu6bnBMUixc8NpToKTVlT8ryIcVMNPLIx4fshKmbwVtLhv33HQmatvwSCOvfC96uJ9BL5sFTkPoWrcLdxft%2B5%2BcKFnF8AYf3UYJjMZKK%2Ff2DArBLaZZa6asmbO0dIo8aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b55dffb4ab6-FRA
expires
Wed, 27 Apr 2022 00:00:39 GMT
photo-1478071573747-403b24bf59a9
images.unsplash.com/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1478071573747-403b24bf59a9?ixlib=rb-1.2.1&q=80&fm=jpg&crop=entropy&cs=tinysrgb&w=1080&fit=max&ixid=eyJhcHBfaWQiOjExNzczfQ
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1d7e39f6f8f384adf690188705d6a4b751b6e2fd16566700424171caf5106d4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Apr 2021 08:21:51 GMT
server
imgix
age
661127
x-cache
HIT, MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
34a5add8cd9da84c1c33d864c16799c5d7770c18
accept-ranges
bytes
content-length
91778
x-served-by
cache-sjc10076-SJC, cache-hhn4032-HHN
ZSIcon.png
blog.zsec.uk/content/images/2017/10/ 		814 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.zsec.uk/content/images/2017/10/ZSIcon.png
Requested by
Host: blog.zsec.uk
URL: https://blog.zsec.uk/nmap-rtfm/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
41d9b00eb3f443e1eb77b8c37a7694c21a21d2f2e7116c0095254a19889ce3e7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/content/images/2017/10/ZSIcon.png
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636; _ga=GA1.2.1769220849.1620345638; _gid=GA1.2.103095098.1620345638; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
937657
x-powered-by
Express
vary
Accept-Encoding
content-length
814
cf-request-id
09e5b969b400004e4ab5bfd000000001
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Oct 2017 19:38:21 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"32e-15f26b1b4ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6usLVolLx631fLadgN0DqOuWso4ZDPyanT9mU7Ha3UDoat92adk7VyskOl7OyOp8zR8ADlfEzzjDgmsNwx8ykgY5AuFNvTADyazj%2BhdOHVSxpdkKVi7ddoM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
64b62b55edc54e4a-FRA
prism-autoloader.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/autoloader/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/autoloader/prism-autoloader.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df7430d25377aa8eed2d92f873bbc32c26a9454b3e80db5045a5483879383abb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3057474
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1927
cf-request-id
09e5b96a1a00004ab64082c000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:54 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a2-13c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pVtw024YnO%2F53unPucGSajY%2FU7NRgu4rd7OopFOZkeCnHL7Kt4AetBbp64jWCRP2VROOd%2B4XZtSC0thhhacYOj9sbYiLmx8DseBWcZi4OqdE7FgEnVBBrU9LB4Iv3yN9Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b56996d4ab6-FRA
expires
Wed, 27 Apr 2022 00:00:39 GMT
prism-toolbar.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/toolbar/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/toolbar/prism-toolbar.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8fc875b3ccd7b41d8ea44dc295588f8883180430ed9147cbd452494d72bcb1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2399598
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
601
cf-request-id
09e5b96ae300004ab665869000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:54 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a2-6d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X9iFnVR9%2F1qF3Uub6mxNFGLc2N92RwPZnstpuzP8AvreDV6l%2FvI0HkJBlWdGPGFe08sLJKStjfQZlrRzKgvavg6%2FycYINEYYsOzA%2FpxTM8pR2ngLb8cazV%2BxH9WYnKHDbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b57dc784ab6-FRA
expires
Wed, 27 Apr 2022 00:00:39 GMT
prism-copy-to-clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/copy-to-clipboard/ 		977 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/copy-to-clipboard/prism-copy-to-clipboard.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daba7813f24af897ca353ee89f5965dcfd3190fc685deac73c94a2c3c793da96
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2399598
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
427
cf-request-id
09e5b96af900004ab662888000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:54 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a2-3d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FnYeBc%2BSkPxJl00EsNfUPmXo%2B0%2FnzlmXEYHLMgJvubfykyzlVElxOQ6aDysX8VMhrnT2%2BCr6y3pFWpREbQCSQhaiE6wkeFK5G%2FwHUA7GkvBd7HZKqKf2Ek%2BCXntIQaXXEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b57fcd34ab6-FRA
expires
Wed, 27 Apr 2022 00:00:39 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/copy-to-clipboard/prism-copy-to-clipboard.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3898066
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2905
cf-request-id
09e5b96b2900004e2b2a8f3000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-29a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u9QgrN6i6ZMxa3t8tkFbvWH9kL7iTkUFwXzpQiaG0wNpqvUoAFCnVLvGPimGRqID0LtUSTJeZMrZziBPGkPPNYqTiOcuqnwXF0IOqkrLeDqasr1MQ%2BueYoe3eBaKbbHvCQ%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b5848544e2b-FRA
expires
Wed, 27 Apr 2022 00:00:39 GMT
prism-line-numbers.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/line-numbers/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/line-numbers/prism-line-numbers.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d648907a22eb30d672c1f88ab0934769f53da34a7e5b4732d72421355663885
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.zsec.uk
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3057474
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
938
cf-request-id
09e5b96b2b00004ab660331000000001
timing-allow-origin
*
last-modified
Thu, 31 Dec 2020 20:37:54 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a2-a1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KwmVK9uXtJmbllr6FmGyhHFZw%2BA2F9DHEBnVSZ%2FHcF2GsoOBEG4RZuCqB2m677XTdRuPoU9n0icNTMw5IgBSCTrqI4NIpMd%2BKKru9A4%2FRm3Ei9mkc4lxXzbkPS0nFwaZrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64b62b584d9c4ab6-FRA
expires
Wed, 27 Apr 2022 00:00:39 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb8bd823562a4ad508a4ca1a249940c0f171218b7470ed3fc3f39ed0bdbb5f62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47999
x-xss-protection
0
server
cafe
etag
3614157148867540868
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 07 May 2021 00:00:39 GMT
/
blog.zsec.uk/members/api/site/ 		754 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/members/api/site/
Requested by
Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.0.0/umd/portal.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1e8825a3938321ef0a8aa3f6f21ab968565f41ed6b15c36440f92e54e21351fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636; _ga=GA1.2.1769220849.1620345638; _gid=GA1.2.103095098.1620345638; _gat=1; __gads=ID=c9b93260920cc6a0-22dd62f90ac8005e:T=1620345639:RT=1620345639:S=ALNI_MbkmtPyovbrgNuU7Y42c-mIseLfhw
:path
/members/api/site/
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
x-powered-by
Express
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
cloudflare
x-frame-options
DENY
etag
W/"2f2-fnEcFTFpIHnvjphtJxj22AP8QNA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jE1NebFPJ%2FkrLyl2QsrfY8LwwdmR6d62HLrj%2BSmGwjipYFnlxSfW1jUYSgoWQgEWDeWovbCcaT3%2BxYRgNEAsgvcBCGEz%2BMjMPlPu4jzRk3cU9%2FiU4yA23qI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cf-request-id
09e5b96bba00004e4a1abef000000001
cf-ray
64b62b592c194e4a-FRA
m-outer-0369f5784d64b5d8df5e262d4b12f588.html
js.stripe.com/v3/ Frame F0D6 		215 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc59d406a4a87dc2cae39fbb74414e4694b7720ee57f4d1b8710e515e65a83e7
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/nmap-rtfm/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://blog.zsec.uk/nmap-rtfm/

Response headers

x-amz-id-2
LM2/XV9S90ziItfwVgNI8MNCb4+FYqM3nzgTyIFN1okx3j5YIqavgX9/MewQ84/YbqOKHkKipZM=
x-amz-request-id
50E6Q0VV7QA0BXP8
last-modified
Mon, 03 May 2021 20:41:45 GMT
etag
"0369f5784d64b5d8df5e262d4b12f588"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Fri, 07 May 2021 00:00:39 GMT
via
1.1 varnish
age
194
x-served-by
cache-fra19178-FRA
x-cache
HIT
x-cache-hits
168
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
129
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210504&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210504/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40d9379eba5600564e84c9cbf197ffa1b9331ca8cc9d689a21c38256f350f0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 May 2021 00:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7628
x-xss-protection
0
/
blog.zsec.uk/members/api/member/ 		34 B
584 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://blog.zsec.uk/members/api/member/
Requested by
Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.0.0/umd/portal.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:46d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6daf49c318d8ec76d13f99cea7556912407bd2d2c20f7686fdd9814da1773121
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/members/api/member/
pragma
no-cache
cookie
__cfduid=d4dcb76bc6775164dd69da559c6d60e061620345636; _ga=GA1.2.1769220849.1620345638; _gid=GA1.2.103095098.1620345638; _gat=1; __gads=ID=c9b93260920cc6a0-22dd62f90ac8005e:T=1620345639:RT=1620345639:S=ALNI_MbkmtPyovbrgNuU7Y42c-mIseLfhw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
blog.zsec.uk
referer
https://blog.zsec.uk/nmap-rtfm/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:40 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OKGFENail1WUyA%2FQ9pn%2F60XzzqdqWMuSnuByy2%2FbM16Zsxn8zjUcPdT8Pp3OfJKPacAN2qnw21QLOzBH%2FSzHVBY8%2F8EhGeFueGH6Wi39SBZQfats8nUZiBw%3D"}],"max_age":604800,"group":"cf-nel"}
access-control-allow-origin
*
cf-request-id
09e5b96c5200004e4ace0b5000000001
cf-ray
64b62b5a1d8a4e4a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210504/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5360859507810376&plah=blog.zsec.uk&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 07 May 2021 00:00:40 GMT
m-outer-b43290c4d50222c50d9f53f06af22482.js
js.stripe.com/v3/fingerprinted/js/ Frame F0D6 		1 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-b43290c4d50222c50d9f53f06af22482.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 00:00:40 GMT
content-encoding
br
vary
Accept-Encoding
age
163
via
1.1 varnish
x-cache
HIT
content-length
628
x-amz-id-2
A82wmh9WghK3jKvi5doo9tw2jNc+dJf4HRwnT8XKQp81gTcdmixgwZvOm1RKCeP6QqxdzSrBIes=
x-served-by
cache-fra19178-FRA
timing-allow-origin
*
last-modified
Mon, 03 May 2021 20:41:41 GMT
server
AmazonS3
etag
"356a16407e7a019ffdf35f454b7438a9"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
ABGAZ7Q1EZ7SZEPP
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
130
inner.html
m.stripe.network/ Frame 1D69 		33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-b43290c4d50222c50d9f53f06af22482.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.stripe.com/

Response headers

server
nginx
content-type
text/html; charset=utf-8
last-modified
Fri, 04 Dec 2020 19:17:49 GMT
etag
W/"5fca8b5d-84a0"
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
public, max-age=300
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Fri, 07 May 2021 00:00:40 GMT
age
198
x-served-by
cache-sea4481-SEA, cache-hhn4032-HHN
x-cache
HIT, HIT
x-cache-hits
1, 131
x-timer
S1620345640.160191,VS0,VE0
vary
Accept-Encoding
content-length
12226
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 960F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.zsec.uk/nmap-rtfm/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://blog.zsec.uk/nmap-rtfm/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 06 May 2021 18:55:17 GMT
expires
Fri, 06 May 2022 18:55:17 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18323
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
h4bqBfzbNhyfW_h1rVmWXBQaJ_zHuZxkYqdqs1GA3F4.js
pagead2.googlesyndication.com/bg/ Frame 960F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/h4bqBfzbNhyfW_h1rVmWXBQaJ_zHuZxkYqdqs1GA3F4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8786ea05fcdb361c9f5bf875ad59965c141a27fcc7b99c6462a76ab35180dc5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 16:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
199335
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Wed, 04 May 2022 16:38:25 GMT
6
m.stripe.com/ Frame 1D69 		156 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.121.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-121-230.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
55568de9c92660eeebdd1d9c35b0ad2a34d112651b6bc7dcf5c6a2e8e62c7028
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 07 May 2021 00:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210504&jk=3129405483472464&bg=!3d6l3prNAAYP3QOmD907ACkAdvg8WloT81tO4JHzyWrTsDI0ZNBgeJczhPPa5b4M9fVh5E_Yp5l5mwIAAAEoUgAAADRoAQcKAJNFZHtLuHBknCJEANEQmUKW5_3Qfl3RZnxQIaOUAb1bejDTPmbtnW5pxGdITXcsUhx96lMT4hejWppCuU4vssE_ZXtJi7I8F7kuAyZkvrjvHVG0XDEk2LHDJB61IqyXhJHXVmtSKu1fu94Xh5NkleF4fWjakKeu2UwQWy4C7sO1RnqBZzZdw51pZ-_bpRlieNmjgZ6ZAjm8w3-CLH6T6pI_VT_otQnEf7bvYSJXR5Wvc9UNgfuAEy7ORbS43pccpdAPqmV_hrq6e8FXUNigihFoa0FoPouXy47khR1n0DZD2K1mJIQVwWCAJMBIZ-VCV9CSBSl4ec08qb8mGTfV2nOfF1Gl6XkvhhlwqCXagQKRZfwdnQz3g_FsojgabzQ2wz5D1fMXekvpA8wxVQqSv-joKvki326JnvahynPx2FIO2mXGE-ejces9ZHaTIn5EzgrG5FaCpL48hBMc9_C_1AXqBTtnn8uXUX3Jh63OnzDQOXF7LprlBCvw9pEtfgbIgkhJVopjzAXsB0v0oPL-IXU_XOLejSpPj91Tl6hExm9q0iWmE3fHbLQjiEc8DU2sHzm0Jmw2jui_5YqyQqg7lX31sGPU6ZWsg5EVhWsWuS7dX8qUL939O5K3e5fkaoFcz-W0b6ZVnENhfBvTjge0uQ6rq2iqh5YumzafxYrWRAbM8DBq8g79k5ATRX2s44-pSSRMgQcse-niwUk5aIu5DSJ89gFvhao5MAP6s8kBfc_0YzfUx0dYzJH4yB24HydKyASMel6uBpvHuDZ7uJtGbD7fKd_vCLeFYRNdYTSLf1x-nf5FqEDQcCFoAJ88pQEXW3q6PC1kOra3tIj1nsEo9NtQ8ecYm4BC-3EPT0QPR28qXOIoYiL7HEXOND-Q5z3CZD6k5MjbtM7_4uSsrzV0emqzgj0Yzj37t8In5qD6gQgkrzQAlKfUZ0TZNoYJNDO_dA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.zsec.uk/nmap-rtfm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 May 2021 00:00:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Eager object| CloudflareApps string| GoogleAnalyticsObject function| ga object| __cfQR object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| switcherActive string| themeColors string| ghosthunter_key number| maxPages string| endMessage string| loadingMessage string| Message object| __webpackStripeJSv3Jsonp function| Stripe object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| _extends function| _typeof function| $ function| jQuery function| Popper object| bootstrap function| Hammer function| LazyLoad function| lunr function| Levenshtein string| google_user_agent_client_hint object| _self object| Prism object| typescript function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired undefined| secondaryColors undefined| primaryColors undefined| localSecondaryColor undefined| localPrimaryColor function| recalculatePostHeight object| cssBackgrounds object| articleImages number| google_lpabyc object| _0x174c function| _0x26e5 undefined| r undefined| m object| tocbot function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| ClipboardJS boolean| __cfRLUnblockHandlers object| regeneratorRuntime object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.zsec.uk/ Name: _gat
Value: 1
.zsec.uk/ Name: _ga
Value: GA1.2.1769220849.1620345638
.zsec.uk/ Name: _gid
Value: GA1.2.103095098.1620345638
.zsec.uk/ Name: __cfduid
Value: d4dcb76bc6775164dd69da559c6d60e061620345636

2 Console Messages

Source Level URL
Text
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/tocbot.min.js(Line 1)
Message:
Element not found: .toc
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/tocbot.min.js(Line 1)
Message:
Element not found: .post-content

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
blog.zsec.uk
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.unsplash.com
js.stripe.com
m.stripe.com
m.stripe.network
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
142.250.185.226
151.101.112.176
151.101.12.176
2606:4700:3034::6815:46d2
2606:4700::6810:125e
2606:4700::6810:7caf
2606:4700::6810:a823
2a00:1450:4001:800::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9a
2a04:4e42:1b::720
34.208.121.230
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
044edff8b3adbc435bf7e3de587d68fc195df36b2f067feb6daca1b0bd2431a8
09f41451ee670abd2cf15681d5d3c8497db9266c141d545a6cc8e2f98505512e
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
1a661b4acb4f78106d9249b9b0b2f361101487e09581415d583568a4a3ce1946
1b15fe2971998a048aebb60f26f6eed76122071db9ef3b995abd003224f52a98
1d7e39f6f8f384adf690188705d6a4b751b6e2fd16566700424171caf5106d4d
1e8825a3938321ef0a8aa3f6f21ab968565f41ed6b15c36440f92e54e21351fb
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
30b250c89aa882cdf15a274e8e754f9b1f8106191180cfa81cd3c0d005f4cca7
389d25fcb4aedc73321f09a65085bf2ff4adea5868600b29053a101ec232d04e
3a31e4c9fb5d42941bcccd1251e4874b8c79b62e039f3816bdefc356751a1864
40d9379eba5600564e84c9cbf197ffa1b9331ca8cc9d689a21c38256f350f0ef
41d9b00eb3f443e1eb77b8c37a7694c21a21d2f2e7116c0095254a19889ce3e7
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4f2f7534931488bb7af4dd1c1f577aae2f473bbdd85690dc6abfb08f09385158
55568de9c92660eeebdd1d9c35b0ad2a34d112651b6bc7dcf5c6a2e8e62c7028
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
60a9aa4e00309bcc6c2d95ae3a5a7f3e680dc8da36c3feff01f23d1ba5b0e471
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
6daf49c318d8ec76d13f99cea7556912407bd2d2c20f7686fdd9814da1773121
796c043363b34ed6558401863d5a6f62f75b958c4d16b03392b839d1db517922
7a30764b5286423769de4a85297de6e43c957494f265cb38fb84328091bbc839
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8786ea05fcdb361c9f5bf875ad59965c141a27fcc7b99c6462a76ab35180dc5e
8d648907a22eb30d672c1f88ab0934769f53da34a7e5b4732d72421355663885
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9d9c4034cf66cdc7ed16bc723aa65b6233262772259fefdcd6d76f7e972b117f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6d46a12c9a3a026f3666a1b709aeaf81d5dc89c45224db7575bfe395c3fc020
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bcb15ff20a1b1dd556cb6976d64dc8bc45c29048d7aceccd019290f6be5f19f1
c02fc68565112773536bdc781f6ec47a0bca8c0d41a3282da31bf28419aaac98
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cb8bd823562a4ad508a4ca1a249940c0f171218b7470ed3fc3f39ed0bdbb5f62
cc59d406a4a87dc2cae39fbb74414e4694b7720ee57f4d1b8710e515e65a83e7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d1c2675310ec47689b8ad0068908e615dcd7d7f1abd5e11b2e0ec061194443d9
d5c385bee34ff69aae909c712e0dd08b64e3963e534430800b054a72a051126e
d72c687f5bc9266ab50f49198cc547413dcd0bddf04588b1e5e1b923e67c67ff
daba7813f24af897ca353ee89f5965dcfd3190fc685deac73c94a2c3c793da96
dca7d5de8bf2c12c1c173aa6d795b1b39017e0f7f9625b9ca75a121866bcc560
df7430d25377aa8eed2d92f873bbc32c26a9454b3e80db5045a5483879383abb
e0244e08ecf5ea74636a7bb1320864cd9cc239d9b02d7c45a823025bb5c6fe50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bca76018c14830857f7cee3dd7a0a549062db95a58e4ac96337f8f6c216deb
ec8fc875b3ccd7b41d8ea44dc295588f8883180430ed9147cbd452494d72bcb1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
f5fb47c81bbed3f443dad85c60698e903b3a10ec4998ad1b172fb2fe155b30ef