pentestlab.blog Open in urlscan Pro
192.0.78.24 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pentestlab.blog/tag/vssown/
Submission: On August 21 via manual (August 21st 2020, 12:33:04 am UTC) from US

Summary HTTP 83 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 83 HTTP transactions. The main IP is 192.0.78.24, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is pentestlab.blog.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 16th 2020. Valid for: 3 months.

This is the only time pentestlab.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.0.78.24 192.0.78.24	2635 (AUTOMATTIC) (AUTOMATTIC)
17	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
41	192.0.72.28 192.0.72.28	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
4	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
4	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	192.0.78.18 192.0.78.18	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
83	12

1 192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pentestlab.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 192.0.72.28 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pentestlab.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

0.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.18 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

r-login.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	wordpress.com pentestlab.files.wordpress.com r-login.wordpress.com	4 MB
21	wp.com s0.wp.com stats.wp.com pixel.wp.com	429 KB
5	gstatic.com fonts.gstatic.com	70 KB
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
3	gravatar.com 0.gravatar.com	10 KB
2	facebook.com www.facebook.com
2	facebook.net connect.facebook.net	63 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	pentestlab.blog pentestlab.blog	46 KB
83	9

	Domain	Requested by
41	pentestlab.files.wordpress.com	pentestlab.blog
17	s0.wp.com	pentestlab.blog s0.wp.com
5	fonts.gstatic.com	fonts.googleapis.com
4	platform.twitter.com	pentestlab.blog platform.twitter.com
3	pixel.wp.com	pentestlab.blog
3	0.gravatar.com	pentestlab.blog 0.gravatar.com
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	s0.wp.com connect.facebook.net
2	fonts.googleapis.com	pentestlab.blog s0.wp.com
1	syndication.twitter.com	pentestlab.blog
1	r-login.wordpress.com	pentestlab.blog
1	stats.wp.com	pentestlab.blog
1	pentestlab.blog
83	13

This site contains links to these domains. Also see Links.

Domain
github.com
gist.github.com
twitter.com
bohops.com
adsecurity.org
www.foofus.net
discord.com
www.youtube.com
discord.gg
www.facebook.com
wordpress.com
pentestlab.wordpress.com
en.wordpress.com
subscribe.wordpress.com

Subject Issuer	Validity	Valid
tls.automattic.com Let's Encrypt Authority X3	`2020-08-16` - `2020-11-14`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-13` - `2021-08-18`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-11-14`	2 years	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://pentestlab.blog/tag/vssown/
Frame ID: FFA06314C2D8BA8DA2E0888996EA6B67
Requests: 78 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.3c5aa8e2a38bbbee4b6d88e6846fc657.html?origin=https%3A%2F%2Fpentestlab.blog
Frame ID: 1AB80B2AC042ACAF2BA8600C7587EA2B
Requests: 1 HTTP requests in this frame

Frame: https://r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9wZW50ZXN0bGFiLmJsb2c%3D&wpcomid=32637504&time=1597969967
Frame ID: 4446EA570CA88E7FF62CC1431ADFBD23
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.3c5aa8e2a38bbbee4b6d88e6846fc657.en.html
Frame ID: F4A99C254CF18CC59C70E0540E4596BF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26b8560ed9fed4%26domain%3Dpentestlab.blog%26origin%3Dhttps%253A%252F%252Fpentestlab.blog%252Ff2a0d05fff69094%26relation%3Dparent.parent&container_width=342&height=432&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fpentestlaboratory%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=200
Frame ID: 41636972750FA6A2CF2527C41B2CA035
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fbf17244f9d68%26domain%3Dpentestlab.blog%26origin%3Dhttps%253A%252F%252Fpentestlab.blog%252Ff2a0d05fff69094%26relation%3Dparent.parent&container_width=200&height=432&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fpentestlaboratory%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=200
Frame ID: 77BD9EE378A8AA25FC7705BF3B98E70D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

83
Requests

100 %
HTTPS

42 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

4322 kB
Transfer

5176 kB
Size

0
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/samratashok/nishang
Title: Nishang

Search URL Search Domain Scan URL

URL: https://github.com/samratashok/nishang/blob/master/Gather/Copy-VSS.ps1
Title: Copy-VSS

Search URL Search Domain Scan URL

URL: https://gist.github.com/monoxgas/9d238accd969550136db
Title: Invoke–DCSync

Search URL Search Domain Scan URL

URL: https://twitter.com/monoxgas
Title: Nick Landers

Search URL Search Domain Scan URL

URL: https://twitter.com/bohops
Title: bohops

Search URL Search Domain Scan URL

URL: https://bohops.com/2018/03/26/diskshadow-the-return-of-vss-evasion-persistence-and-active-directory-database-extraction/
Title: blog

Search URL Search Domain Scan URL

URL: https://twitter.com/PyroTek3
Title: Sean Metcalf

Search URL Search Domain Scan URL

URL: https://adsecurity.org/?p=2398
Title: blog

Search URL Search Domain Scan URL

URL: https://twitter.com/lanmaster53
Title: Tim Tomes

Search URL Search Domain Scan URL

URL: https://github.com/lanmaster53/ptscripts/blob/master/windows/vssown.vbs
Title: vssown

Search URL Search Domain Scan URL

URL: http://www.foofus.net/fizzgig/fgdump/fgdump-2.1.0-exeonly.zip
Title: fgdump

Search URL Search Domain Scan URL

URL: https://github.com/CoreSecurity/impacket
Title: Impacket

Search URL Search Domain Scan URL

URL: https://github.com/zcgonvh/NTDSDumpEx
Title: NTDSDumpEx

Search URL Search Domain Scan URL

URL: https://github.com/LordNem/adXtract
Title: adXtract

Search URL Search Domain Scan URL

URL: http://twitter.com/netbiosX
Title: @ Twitter

Search URL Search Domain Scan URL

URL: http://twitter.com/_batsec_
Title: _batsec_

Search URL Search Domain Scan URL

URL: http://twitter.com/netbiosX/statuses/1293549458693791747
Title: 1 week ago

Search URL Search Domain Scan URL

URL: http://twitter.com/am0nsec
Title: am0nsec

Search URL Search Domain Scan URL

URL: http://twitter.com/Flangvik
Title: Flangvik

Search URL Search Domain Scan URL

URL: http://twitter.com/Jean_Maes_1994
Title: Jean_Maes_1994

Search URL Search Domain Scan URL

URL: http://twitter.com/netbiosX/statuses/1290329994389008384
Title: 2 weeks ago

Search URL Search Domain Scan URL

URL: http://twitter.com/Iansecretario_
Title: Iansecretario_

Search URL Search Domain Scan URL

URL: http://twitter.com/bp384r1
Title: bp384r1

Search URL Search Domain Scan URL

URL: http://twitter.com/TrustedSec
Title: TrustedSec

Search URL Search Domain Scan URL

URL: http://twitter.com/pentestlabltd
Title: pentestlabltd

Search URL Search Domain Scan URL

URL: https://discord.com/invite/rR6FJBH
Title: discord.com/invite/rR6FJBH

Search URL Search Domain Scan URL

URL: http://twitter.com/netbiosX/statuses/1289487654577246209
Title: 2 weeks ago

Search URL Search Domain Scan URL

URL: https://twitter.com/i/web/status/1289251267802406912
Title: twitter.com/i/web/status/1…

Search URL Search Domain Scan URL

URL: http://twitter.com/netbiosX/statuses/1289251267802406912
Title: 2 weeks ago

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23redteaming
Title: #redteaming

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=hqtGdfULemQ
Title: youtube.com/watch?v=hqtGdf…

Search URL Search Domain Scan URL

URL: http://twitter.com/netbiosX/statuses/1289239935329792000
Title: 2 weeks ago

Search URL Search Domain Scan URL

URL: https://discord.gg/rR6FJBH
Title: Discord

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pentestlaboratory/
Title: Facebook Page

Search URL Search Domain Scan URL

URL: https://wordpress.com/?ref=footer_blog
Title: Blog at WordPress.com.

Search URL Search Domain Scan URL

URL: https://pentestlab.wordpress.com/wp-admin/customize.php?url=https%3A%2F%2Fpentestlab.wordpress.com%2Ftag%2Fvssown%2F
Title: Customize

Search URL Search Domain Scan URL

URL: https://wordpress.com/start/
Title: Sign up

Search URL Search Domain Scan URL

URL: https://wordpress.com/log-in?redirect_to=https%3A%2F%2Fpentestlab.blog%2F2018%2F07%2F04%2Fdumping-domain-password-hashes%2F&signup_flow=account&domain=pentestlab.blog
Title: Log in

Search URL Search Domain Scan URL

URL: http://en.wordpress.com/abuse/
Title: Report this content

Search URL Search Domain Scan URL

URL: https://subscribe.wordpress.com/
Title: Manage subscriptions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pentestlab.blog/tag/vssown/ 189 KB
46 KB 426ms
402ms Document
text/html 192.0.78.24
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fd54e1e14f65a8eb826dc566af79900b01330eb5e423ea9835de798bc322e83d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pentestlab.blog
:scheme: https
:path: /tag/vssown/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Fri, 21 Aug 2020 00:32:47 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
content-encoding: gzip
x-ac: 3.fra _dfw

GET
H2 200 /
s0.wp.com/_static/ 201 KB
28 KB 29ms
9ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJylkVtOAzEMRTdEYgJFQz8Qa0kyVnDJS7GjanZPZtqiqkJQiR9Lfpwr2xeOVfmSBbNA6qrGHigzHKsvSXGiiMtNpj3zA1xhFyb0kTpsYXQawquetAHXKc7gYvGfKpJrti3AskT8v4x8YLpHZqMYDijVrrhdShcVGs13b3Ij0axQDvwH7ssZM/rpWT/CTCzfRfUze2XBev2op2plnUg4k8U4Ts7yG3byyrnakFmNmKgntf1qs+49vZmX/WR2Zj9Nhy+ctL49?cssminify=yes
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: babf3374128d37cce61da79816f1db1875ed028a728a4631562dcc5aa57ed3f3

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 10:34:54 GMT
server: nginx
etag: W/"5f32744e-3229e"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Fri, 20 Aug 2021 17:53:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1001 B 35ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%2BSans%3A400%2C400italic%2C700%2C700italic%7CMontserrat%3A500&subset=latin%2Clatin-ext&ver=5.5-wpcom-484371

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d74cd406e1340a9c44419adaa5525d562cfc5647052c3169298b8fe1b39bbbf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://pentestlab.blog
Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 00:32:47 GMT
server: ESF
date: Fri, 21 Aug 2020 00:32:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Aug 2020 00:32:47 GMT

GET
H2 200 /
s0.wp.com/_static/ 75 KB
17 KB 29ms
9ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyNkEEOwjAMBD9ECEUUqQfEW9LgBlMnruJEhd+TcKkqpMJt15rZg/U8KcshQUg63cGD6CmCx+xrHThHbUX0UBBlZhD2sC+Hnf7tSXrRN+yzmig7DKJnvDlIZdxY6JlHRTiW8PzfFLZoSGFB1mVLdsCK2JqEHFZFDWQwbqkRemJXovt8ZalbkrF1vDdxSRW/+kvTdm13PDeH0+MN38CTng==?cssminify=yes
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 7617bba5d37b3f57efc7a2ce8e036eb2c3cff3c571dc3c8e80b5f383164083bd

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 17:22:33 GMT
server: nginx
etag: W/"5f32d3d9-12b75"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Wed, 11 Aug 2021 17:27:19 GMT

GET
H2 200 global.css
s0.wp.com/wp-content/themes/h4/ 323 B
292 B 29ms
10ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/themes/h4/global.css?m=1420737423h&cssminify=yes
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 47109b8930a0453870e5f0d19fa81b9c7e9d174c9c606bbf61f05ed4645af1c9

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
server: nginx
etag: W/"5c32dc5e-1d7"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Sat, 21 Nov 2020 08:30:58 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ 132 KB
42 KB 29ms
10ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-includes/js/jquery/jquery.js,/wp-content/js/postmessage.js,/wp-content/js/mobile-useragent-info.js?m=1558356653j
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: b5b0039d6b49d16a58800cf527da18050dfed96bb44f57cbb5ad74a8df3bd4b2

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
last-modified: Mon, 20 May 2019 12:51:00 GMT
server: nginx
etag: W/"5ce2a2b4-20f10"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Thu, 11 Feb 2021 18:40:45 GMT

GET
H2 200 /
s0.wp.com/ 5 KB
1 KB 29ms
10ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/?custom-css=1&csblog=2cWvm&cscache=6&csrev=34
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 893a7a315254505f93d4c92ada4651a29eab01b5f46047c15ebf8dedca408414

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
content-type: text/css;charset=utf-8
x-nc: HIT fra 2
x-ac: 4.fra _dfw
expires: Wed, 07 Jul 2021 01:27:20 GMT

GET
H2 200 mimikatz-dump-domain-hashes-via-dcsync-clear-version.png
pentestlab.files.wordpress.com/2018/06/ 21 KB
22 KB 46ms
9ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/06/mimikatz-dump-domain-hashes-via-dcsync-clear-version.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6ed71650b3fe81b56d1866fc3d7d722eb1ba627704dfbbfc3115317e5224158

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 27 Jun 2018 01:46:37 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 21961
expires: Mon, 07 Sep 2020 09:06:27 GMT

GET
H2 200 mimikatz-dump-user-hash-via-dcsync.png
pentestlab.files.wordpress.com/2018/06/ 59 KB
59 KB 83ms
47ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/06/mimikatz-dump-user-hash-via-dcsync.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7833b1559e208505ce2d1ebe63e6bf5f966e735509c367d75195e661e831b5d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 27 Jun 2018 02:19:43 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 60726
expires: Sat, 05 Sep 2020 12:13:00 GMT

GET
H2 200 mimikatz-dump-domain-hashes-via-lsass.png
pentestlab.files.wordpress.com/2018/06/ 15 KB
15 KB 83ms
47ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/06/mimikatz-dump-domain-hashes-via-lsass.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5fd1488e6d46a6b16a8f74c47d1683cecd62626b15832b2c8f3af972fe6c7e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 27 Jun 2018 02:25:16 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 15547
expires: Sun, 23 Aug 2020 04:03:58 GMT

GET
H2 200 mimikatz-dump-domain-hashes-via-lsadump.png
pentestlab.files.wordpress.com/2018/06/ 21 KB
21 KB 83ms
48ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/06/mimikatz-dump-domain-hashes-via-lsadump.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

233535e5bdc81c34902ea43801b4955870f855baa624044948b91f35b2c1e977

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 27 Jun 2018 02:27:29 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 21653
expires: Sun, 23 Aug 2020 05:59:01 GMT

GET
H2 200 empire-dcsync-hashdump-module-clean.png
pentestlab.files.wordpress.com/2018/06/ 188 KB
189 KB 84ms
48ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/06/empire-dcsync-hashdump-module-clean.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dac73b5a4c8d2834c1a34a25b74bf05d1dd52d676cdf98acccc22d10c19ca12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 27 Jun 2018 02:37:04 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 192925
expires: Wed, 09 Sep 2020 23:07:08 GMT

GET
H2 200 empire-dcsync-module.png
pentestlab.files.wordpress.com/2018/06/ 79 KB
79 KB 91ms
56ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/06/empire-dcsync-module.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6511cb9a53ab4506d79d40fe6237899411a2498a492e155de08bfc9e0aaa7b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 27 Jun 2018 02:41:55 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 80838
expires: Fri, 11 Sep 2020 15:56:08 GMT

GET
H2 200 empire-dcsync-account-information.png
pentestlab.files.wordpress.com/2018/06/ 197 KB
197 KB 76ms
72ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/06/empire-dcsync-account-information.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e0f7c137306aa4a3a304fb1852020bc71c04d1f256d574e166263bd32703811

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 27 Jun 2018 02:43:27 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 201522
expires: Sat, 22 Aug 2020 21:48:14 GMT

GET
H2 200 nishang-extract-ntds-powershell.png
pentestlab.files.wordpress.com/2018/07/ 9 KB
9 KB 76ms
73ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/nishang-extract-ntds-powershell.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da64a024963c1da5539485a17e8ce16b97f2d3d19f92bc60df83ad78475d7861

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:05:17 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 9375
expires: Sun, 06 Sep 2020 15:25:13 GMT

GET
H2 200 nishang-extract-ntds-meterpreter.png
pentestlab.files.wordpress.com/2018/07/ 78 KB
78 KB 76ms
73ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/nishang-extract-ntds-meterpreter.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ee9f4d4bdc802f93ed5dd489988c841f1a2e5d270f7075124f37b3cf1d9c0534

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:08:03 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 79976
expires: Mon, 24 Aug 2020 23:29:38 GMT

GET
H2 200 nishang-extract-ntds-meterpreter-powershell.png
pentestlab.files.wordpress.com/2018/07/ 57 KB
57 KB 76ms
73ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/nishang-extract-ntds-meterpreter-powershell.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6eb5b5886c24952076167a67b303ee16740a0737dccc49951d8dc24a4be7a680

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:11:06 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 58395
expires: Sun, 20 Sep 2020 16:11:48 GMT

GET
H2 200 powersploit-volumeshadowcopytools.png
pentestlab.files.wordpress.com/2018/07/ 12 KB
12 KB 106ms
103ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/powersploit-volumeshadowcopytools.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

750dfa032aa9bb8a055c59e9c199e09f4cf1d28f4dddb4ea0d53dcf0c9b240a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:17:32 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 12052
expires: Wed, 02 Sep 2020 11:20:20 GMT

GET
H2 200 powersploit-volume-shadow-copy.png
pentestlab.files.wordpress.com/2018/07/ 56 KB
56 KB 77ms
73ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/powersploit-volume-shadow-copy.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

49e38d2cf2a88a65cf155f63df749aa4b97f308eab1acd94017bf8a557b3f24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:20:35 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 57305
expires: Tue, 01 Sep 2020 10:15:30 GMT

GET
H2 200 invoke-dcsync-powershell.png
pentestlab.files.wordpress.com/2018/07/ 4 KB
5 KB 77ms
73ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/invoke-dcsync-powershell.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

396f094942f65264288b614134a55aade42f1496000a2f7b5481502150184409

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:28:42 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 4578
expires: Sun, 30 Aug 2020 20:53:20 GMT

GET
H2 200 invoke-dcsync-powershell-pwdump-format.png
pentestlab.files.wordpress.com/2018/07/ 57 KB
57 KB 77ms
74ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/invoke-dcsync-powershell-pwdump-format.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f33e42be2af3a23718becb611cebb0d5fbc8e670ffd20a5fc48fbcd460286860

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:34:15 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 58485
expires: Thu, 17 Sep 2020 14:41:08 GMT

GET
H2 200 invoke-dcsync-metasploit.png
pentestlab.files.wordpress.com/2018/07/ 81 KB
82 KB 77ms
73ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/invoke-dcsync-metasploit.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

70c3ff47dca834921ebb758bfc66876ae5f912309224b0848582cd56913837b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:36:26 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 83343
expires: Sat, 29 Aug 2020 03:04:14 GMT

GET
H2 200 invoke-dcsync-metasploit-pwdump-format.png
pentestlab.files.wordpress.com/2018/07/ 70 KB
70 KB 78ms
74ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/invoke-dcsync-metasploit-pwdump-format.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c3ad15a8d750391481d7481a0bde497be874e127f0f255e431c1df7102e0dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:37:28 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 71316
expires: Wed, 09 Sep 2020 12:33:14 GMT

GET
H2 200 ntdsutil.png
pentestlab.files.wordpress.com/2018/07/ 121 KB
121 KB 105ms
101ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/ntdsutil.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fc3d9b93d10fdc6be493d2df787a2bdd05933987d748fecbb1c7b11648eb2502

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:43:41 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 123491
expires: Fri, 11 Sep 2020 05:10:16 GMT

GET
H2 200 webfont.js Show response
s0.wp.com/wp-content/plugins/custom-fonts/js/ 12 KB
5 KB 13ms
8ms Script
application/x-javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/plugins/custom-fonts/js/webfont.js
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: cb8943abdc046f98c2a74cbe013552f1ed2a5746fd76546ed63f60d32dd83615

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
server: nginx
etag: W/"5867460b-30cd"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Sat, 21 Nov 2020 08:30:14 GMT

GET
H2 200 wp-emoji-release.min.js Show response
s0.wp.com/wp-includes/js/ 14 KB
5 KB 13ms
9ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1596548281h&ver=5.5-wpcom-484371
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
server: nginx
etag: W/"5f2964cb-37a6"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Wed, 11 Aug 2021 16:04:33 GMT

GET
H2 200 ntdsutil-ntds.png
pentestlab.files.wordpress.com/2018/07/ 9 KB
9 KB 107ms
104ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/ntdsutil-ntds.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8420698602791fee1748d91d874aee04b9a57711c75e771d0fc2e88cd5bea4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Mon, 02 Jul 2018 21:45:58 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 8743
expires: Wed, 26 Aug 2020 11:24:00 GMT

GET
H2 200 diskshadow.png
pentestlab.files.wordpress.com/2018/07/ 151 KB
151 KB 108ms
104ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/diskshadow.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

30c5f225bd8fbd7dd37c96a8e1131fb03d9a11cc189b4c2d843aa9e5083fc2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 21:37:17 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 154879
expires: Wed, 02 Sep 2020 08:01:10 GMT

GET
H2 200 diskshadow-retrieve-shadow-copies.png
pentestlab.files.wordpress.com/2018/07/ 111 KB
112 KB 108ms
105ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/diskshadow-retrieve-shadow-copies.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21b20e5127c17cda1de66d5a434cbee63e774cc6ac812f2fdf16bce0cb210549

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 21:40:03 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 114084
expires: Wed, 09 Sep 2020 05:06:04 GMT

GET
H2 200 diskshadow-copy-system-from-registry.png
pentestlab.files.wordpress.com/2018/07/ 13 KB
13 KB 108ms
104ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/diskshadow-copy-system-from-registry.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e073734a1bbc1ec0200453415aacf7c6a10eb8725d2b56d69d0b0d1725869c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 21:42:50 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 13037
expires: Sun, 06 Sep 2020 00:32:44 GMT

GET
H2 200 wmi-create-volume-shadow-copy.png
pentestlab.files.wordpress.com/2018/07/ 26 KB
26 KB 108ms
105ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/wmi-create-volume-shadow-copy.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

68a63ba365cb43c479c159e64ec6f46c015519a5875b3085f54f2f86cadf930b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 04 Jul 2018 05:33:07 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 26623
expires: Mon, 14 Sep 2020 14:07:08 GMT

GET
H2 200 wmi-copy-ntds-file.png
pentestlab.files.wordpress.com/2018/07/ 15 KB
15 KB 109ms
105ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/wmi-copy-ntds-file.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e838c221cbfe383f98136f96786271a707134c018a4fb4826d6246f2eafc82f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 04 Jul 2018 05:35:07 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 14949
expires: Sat, 29 Aug 2020 18:56:03 GMT

GET
H2 200 wmi-copy-system-file.png
pentestlab.files.wordpress.com/2018/07/ 23 KB
23 KB 118ms
115ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/wmi-copy-system-file.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b83ede51671ac7e33a9e5d3c8e6e9b9158f8dfd329440a598c7df6f87c020f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 04 Jul 2018 05:36:00 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 23832
expires: Sat, 05 Sep 2020 18:55:13 GMT

GET
H2 200 wmi-transfer-files-via-copy.png
pentestlab.files.wordpress.com/2018/07/ 15 KB
15 KB 119ms
115ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/wmi-transfer-files-via-copy.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

612e0e0f70a90b408e2233681f67b511163431e3bf999eaef7a09ef5de5146cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 04 Jul 2018 05:36:50 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 14968
expires: Fri, 21 Aug 2020 06:41:59 GMT

GET
H2 200 vssadmin-create-volume-shadow-copy.png
pentestlab.files.wordpress.com/2018/07/ 28 KB
28 KB 119ms
116ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/vssadmin-create-volume-shadow-copy.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fdd3f87b418414e310060ab4eab7e0d9faa0f3487376e3f0e1c91713cc16890c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 22:24:30 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 28848
expires: Sun, 13 Sep 2020 07:05:01 GMT

GET
H2 200 copy-files-from-volume-shadow-copy.png
pentestlab.files.wordpress.com/2018/07/ 20 KB
20 KB 119ms
116ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/copy-files-from-volume-shadow-copy.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

756358c05345624972ffbaf0e3edd51ba411ef5d7c1fd9b7212b13504b4a4a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 22:30:00 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 20176
expires: Wed, 16 Sep 2020 19:16:42 GMT

GET
H2 200 shadowcopy-files.png
pentestlab.files.wordpress.com/2018/07/ 9 KB
9 KB 119ms
116ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/shadowcopy-files.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6327b1895c92a3358bc48dd19fb1080234f5a7ae289c520d1ab48b72eb6d7431

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 22:31:34 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 9483
expires: Sun, 13 Sep 2020 08:41:36 GMT

GET
H2 200 vssown-volume-shadow-copy.png
pentestlab.files.wordpress.com/2018/07/ 131 KB
131 KB 119ms
116ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/vssown-volume-shadow-copy.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2d6680c1ce8ca83c9a32f9b20576221e5fc92c3677a944b1fbef203f8e9c109d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 22:37:09 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 134073
expires: Fri, 28 Aug 2020 04:39:35 GMT

GET
H2 200 vssown-copy-ntds-system-and-sam-files.png
pentestlab.files.wordpress.com/2018/07/ 53 KB
53 KB 120ms
117ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/vssown-copy-ntds-system-and-sam-files.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a561b720652aea88d9e9623f0976851b7dbc8021a51a63c78e36467d0b28471e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 22:39:44 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 53781
expires: Tue, 01 Sep 2020 07:23:02 GMT

GET
H2 200 metasploit-ntds-module.png
pentestlab.files.wordpress.com/2018/07/ 241 KB
241 KB 120ms
116ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/metasploit-ntds-module.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

846a0773ddb41abf42d8982edf456851f777ebb8cb37b5a22d8edd0529338fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 22:58:20 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 246833
expires: Thu, 03 Sep 2020 15:22:56 GMT

GET
H2 200 metasploit-domain-hashdump.png
pentestlab.files.wordpress.com/2018/07/ 183 KB
183 KB 120ms
117ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/metasploit-domain-hashdump.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

03ce1cb90e6346a5349e77c0c24158e5b7a5a1431d9c892dcbfd3751b4335499

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 23:00:54 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 187340
expires: Mon, 14 Sep 2020 14:46:39 GMT

GET
H2 200 metasploit-hashdump-on-dc.png
pentestlab.files.wordpress.com/2018/07/ 125 KB
125 KB 121ms
117ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/metasploit-hashdump-on-dc.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6de9cdee58d1ff3b241684d19eebe3bf608993841ab929ef01a1d7e7e6092afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 23:02:52 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 127736
expires: Sun, 30 Aug 2020 02:16:13 GMT

GET
H2 200 fgdump-domain-controller.png
pentestlab.files.wordpress.com/2018/07/ 96 KB
97 KB 122ms
119ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/fgdump-domain-controller.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cefdf70694f247384dd86639feb1b34bd29980eec3e42438a11d432ca121acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 21:53:45 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 98753
expires: Sat, 22 Aug 2020 10:35:18 GMT

GET
H2 200 fgdump-pwdump-file.png
pentestlab.files.wordpress.com/2018/07/ 94 KB
94 KB 121ms
118ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/fgdump-pwdump-file.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

af911c969f58e4c7ab09e917a8bd526644770d252f360e7304f4baa41051ba3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 21:55:34 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 95794
expires: Fri, 21 Aug 2020 00:52:55 GMT

GET
H2 200 impacket-extract-ntds-contents.png
pentestlab.files.wordpress.com/2018/07/ 174 KB
175 KB 121ms
118ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/impacket-extract-ntds-contents.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cdebcaf75829bd2aaec827a95b603b78ce194ec1ed7def8cc8e2638e4bce87fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 23:35:21 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 178507
expires: Sat, 29 Aug 2020 17:14:13 GMT

GET
H2 200 impacket-extract-ntds-contents-remotely.png
pentestlab.files.wordpress.com/2018/07/ 227 KB
227 KB 121ms
118ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/impacket-extract-ntds-contents-remotely.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

17733834b2e145a87149b1fad36d4d2c1591fe3199e1f2ba9da0af38d0db92e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 23:39:32 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 232471
expires: Sat, 22 Aug 2020 06:51:20 GMT

GET
H2 200 ntdsdumpex.png
pentestlab.files.wordpress.com/2018/07/ 147 KB
148 KB 122ms
119ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/ntdsdumpex.png?w=760

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4500bd15e556c928ea1e47be6299ef0901a1d4f8bc2be8ef0d44403c0b3a21a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Tue, 03 Jul 2018 23:41:09 GMT
server: nginx
status: 200
accept-ranges: bytes
vary: Accept, Origin
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
x-orig-src: 0_imageresize
access-control-allow-credentials: true
content-length: 151007
expires: Wed, 02 Sep 2020 03:02:39 GMT

GET
H2 200 adxtract.png
pentestlab.files.wordpress.com/2018/07/ 199 KB
199 KB 122ms
119ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/adxtract.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c60c066efcdbbda1225b05c1f751559866b72f9a6be7e7719e61c742b97fff3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 04 Jul 2018 05:13:26 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 203978
expires: Mon, 07 Sep 2020 00:06:59 GMT

GET
H2 200 adxtract-list-of-users.png
pentestlab.files.wordpress.com/2018/07/ 208 KB
209 KB 122ms
119ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/adxtract-list-of-users.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7249b952e5b14b881a0231c45ab4eee7aeab43bd57e35c30d35f8a323a349ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 04 Jul 2018 05:16:01 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 213202
expires: Sat, 05 Sep 2020 08:09:56 GMT

GET
H2 200 adxtract-password-hashes.png
pentestlab.files.wordpress.com/2018/07/ 238 KB
239 KB 123ms
120ms Image
image/png 192.0.72.28
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentestlab.files.wordpress.com/2018/07/adxtract-password-hashes.png

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f2325f594fe6199d64f20a57bdab5c40843c68e82abd27806244798ec4aceff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 21 Aug 2020 00:32:47 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Wed, 04 Jul 2018 05:17:09 GMT
server: nginx
status: 200
x-orig-src: 01_mogdir
content-type: image/png
access-control-allow-origin: https://pentestlab.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
vary: Origin
content-length: 244042
expires: Thu, 10 Sep 2020 21:22:09 GMT

GET
H2 200 gprofiles.js Show response
0.gravatar.com/js/ 23 KB
7 KB 22ms
6ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://0.gravatar.com/js/gprofiles.js?ver=202034y
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 15:50:36 GMT
server: nginx
etag: W/"5e8609cc-5dea"
content-type: application/javascript
status: 200
cache-control: max-age=604800
expires: Fri, 28 Aug 2020 00:32:47 GMT

GET
H2 200 wpgroho.js Show response
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/ 582 B
406 B 7ms
7ms Script
application/x-javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1380573781h
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 21c557180f1bd074974eb41ae4228b6aa9c41234ab1729d780bc8f05761110bb

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
server: nginx
etag: W/"58674607-2f0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Sat, 21 Nov 2020 08:30:14 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 95 KB
28 KB 34ms
8ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js?ver=20111117
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6adaf62612623c674af2f597baf83ffa56f157a9ab69346be7c11a9569fdebbc

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 28825
x-served-by: cache-bwi5148-BWI, cache-hhn4024-HHN
last-modified: Thu, 30 Jul 2020 22:04:50 GMT
etag: "1dc37899f984d453c1d3d8179829f041+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 / Show response
s0.wp.com/_static/ 29 KB
11 KB 14ms
7ms Script
application/x-javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1i+uzCtJrMjITM/IAeKS1CJMEWP94uSizIISoOIM5/yiVL2sYh19yo1yKioFmldcDDTOPtfW0NTcwMjAxNLCNAsAj3M/rw==
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 0d17da85986308697b1090ff212930ec7a871da4bf5a7aa296cc7e6c83318860

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2019 16:03:14 GMT
server: nginx
etag: W/"5d976d42-73da"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Sat, 03 Oct 2020 16:05:07 GMT

GET
H2 200 jetpack-carousel.css
s0.wp.com/wp-content/mu-plugins/carousel/ 23 KB
4 KB 15ms
8ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/carousel/jetpack-carousel.css?m=1592560282h&cssminify=yes
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: cc5635df2454d61df6102853426d79860b19de9f70e961bbb544f5ce67747030

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
server: nginx
etag: W/"5eec8aa4-684c"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Sat, 19 Jun 2021 09:51:35 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ 115 KB
30 KB 14ms
8ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyVj0sOwjAMRC9EMCCK1AXiKChN3OK0+chJCscnWbRCLCrYjcfzLA88g1DeJXQJTASNMykMr72JO/hYpQdajBAYLWVbx95nroSTMw0ykXe/M1ExhfSdt1mEKQ/kIhhMQaoR7uQU9FJh5/0o0HaoNyipLTnRSQYrY0IuSvgZmUmXP1bvzwuJyydxC1K1fYVWtZFWkn2OOC0dxWIU5mavx6Zt2tPleDibN0x2mhg=
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: c249213dad718dc5091cef6b67c5d1ba2ce3f9d42882eaf5040a37f2da5beae5

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 17:22:33 GMT
server: nginx
etag: W/"5f32d3d9-1cde2"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Wed, 11 Aug 2021 20:40:56 GMT

GET
H2 200 w.js Show response
stats.wp.com/ 13 KB
5 KB 29ms
8ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js?61
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f45206737eac638bb52a6adda01ec197e1b62f4e40399fbf2956497308b4b63f

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
server: nginx
etag: W/"5e6029bb-4e62"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Thu, 04 Mar 2021 22:24:12 GMT

GET
H2 200 header.jpg
s0.wp.com/wp-content/themes/premium/thefour/img/ 200 KB
200 KB 9ms
8ms Image
image/jpeg 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s0.wp.com/wp-content/themes/premium/thefour/img/header.jpg
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 1f16434d944a6e996c5b5bf08d9061ee33eaf68dbd2f4f8f786e159f7dc5cae6

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
x-ac: 4.fra _dfw
last-modified: Thu, 08 Dec 2016 06:33:13 GMT
server: nginx
etag: "5848fea9-31e2d"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 204333
expires: Sat, 21 Nov 2020 09:22:22 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 67ms
66ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%2BSans%3A400%2C400italic%2C700%2C700italic%7CMontserrat%3A500&subset=latin%2Clatin-ext&ver=5.5-wpcom-484371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pentestlab.blog
Referer: https://fonts.googleapis.com/css?family=Open%2BSans%3A400%2C400italic%2C700%2C700italic%7CMontserrat%3A500&subset=latin%2Clatin-ext&ver=5.5-wpcom-484371
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 15:03:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 898132
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13640
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:03:55 GMT

GET
H2 200 fontawesome-webfont.woff2
s0.wp.com/wp-content/themes/premium/thefour/fonts/ 70 KB
70 KB 65ms
48ms Font
application/font-woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/themes/premium/thefour/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: s0.wp.com
URL: https://s0.wp.com/_static/??-eJyNkEEOwjAMBD9ECEUUqQfEW9LgBlMnruJEhd+TcKkqpMJt15rZg/U8KcshQUg63cGD6CmCx+xrHThHbUX0UBBlZhD2sC+Hnf7tSXrRN+yzmig7DKJnvDlIZdxY6JlHRTiW8PzfFLZoSGFB1mVLdsCK2JqEHFZFDWQwbqkRemJXovt8ZalbkrF1vDdxSRW/+kvTdm13PDeH0+MN38CTng==?cssminify=yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash

Request headers

Origin: https://pentestlab.blog
Referer: https://s0.wp.com/_static/??-eJyNkEEOwjAMBD9ECEUUqQfEW9LgBlMnruJEhd+TcKkqpMJt15rZg/U8KcshQUg63cGD6CmCx+xrHThHbUX0UBBlZhD2sC+Hnf7tSXrRN+yzmig7DKJnvDlIZdxY6JlHRTiW8PzfFLZoSGFB1mVLdsCK2JqEHFZFDWQwbqkRemJXovt8ZalbkrF1vDdxSRW/+kvTdm13PDeH0+MN38CTng==?cssminify=yes
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 1
date: Fri, 21 Aug 2020 00:32:47 GMT
x-ac: 4.fra _dfw
last-modified: Mon, 07 Jan 2019 05:01:32 GMT
server: nginx
etag: "5c32dd2c-118d8"
status: 200
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 71896
expires: Sat, 21 Nov 2020 08:34:15 GMT

GET
H2 200 shCore.css
s0.wp.com/wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/styles/ 5 KB
1 KB 12ms
9ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/styles/shCore.css?ver=3.0.9b
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 508c7309c11430e3d80e2f203836ac3f26ea2ef3127239fa47592661523a94f0

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
server: nginx
etag: W/"5c32dc5b-1995"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Sat, 21 Nov 2020 08:30:26 GMT

GET
H2 200 shThemeDefault.css
s0.wp.com/wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/styles/ 2 KB
510 B 12ms
9ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/styles/shThemeDefault.css?m=1363304414h&ver=3.0.9b
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 923e3009de4c32eb9cad94e6d350b077cb806a3bb02b31fb0595ef3adef0b35c

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
server: nginx
etag: W/"5867460d-b3d"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Sat, 21 Nov 2020 08:30:26 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: s0.wp.com
URL: https://s0.wp.com/_static/??-eJyVj0sOwjAMRC9EMCCK1AXiKChN3OK0+chJCscnWbRCLCrYjcfzLA88g1DeJXQJTASNMykMr72JO/hYpQdajBAYLWVbx95nroSTMw0ykXe/M1ExhfSdt1mEKQ/kIhhMQaoR7uQU9FJh5/0o0HaoNyipLTnRSQYrY0IuSvgZmUmXP1bvzwuJyydxC1K1fYVWtZFWkn2OOC0dxWIU5mavx6Zt2tPleDibN0x2mhg=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

773b1086632d2a7f111f048c797fd315cea03bbdb333f7d2782e8eeb467041bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ZU94KIAza0A25LmulQSBSA==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
etag: "7e5f65d097256e673b2dda3dc5ce5019"
x-fb-debug: 0TOdL5UGswOYsFGhJFZzyHMEid8HjuHtLVvW/MI0wAAAGLS5esewK3ZG9Rc4WzuWObHGw0V52VzgiQkGS7V5Hw==
x-fb-trip-id: 2050670934
x-fb-content-md5: 07452bf6677a495486ddb3dae744b17d
x-frame-options: DENY
date: Fri, 21 Aug 2020 00:32:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Aug 2020 00:51:02 GMT

GET
H2 200 wpcom-gray-white.png
s0.wp.com/i/logo/ 8 KB
8 KB 7ms
7ms Image
image/png 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s0.wp.com/i/logo/wpcom-gray-white.png
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: c0e93b5ebf107af77d9e7d101d186b3b93e9d5ad4fbb6a74e2dea60173cc04f8

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
x-ac: 4.fra _dfw
last-modified: Wed, 23 Nov 2016 19:27:32 GMT
server: nginx
etag: "5835eda4-200b"
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8203
expires: Sat, 21 Nov 2020 08:30:14 GMT

GET
H2 200 hovercard.min.css
0.gravatar.com/dist/css/ 8 KB
2 KB 6ms
6ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://0.gravatar.com/dist/css/hovercard.min.css?ver=202034y
Requested by: Host: 0.gravatar.com
URL: https://0.gravatar.com/js/gprofiles.js?ver=202034y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ba4824bef4054dec92055cf62207b9532823232c0d58f9c31c1213b2eb333ff9

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
last-modified: Tue, 24 Mar 2020 12:26:59 GMT
server: nginx
etag: W/"5e79fc93-1fb3"
content-type: text/css
status: 200
cache-control: max-age=604800
expires: Fri, 28 Aug 2020 00:32:47 GMT

GET
H2 200 services.min.css
0.gravatar.com/dist/css/ 3 KB
587 B 7ms
6ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://0.gravatar.com/dist/css/services.min.css?ver=202034y
Requested by: Host: 0.gravatar.com
URL: https://0.gravatar.com/js/gprofiles.js?ver=202034y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-a54"
content-type: text/css
status: 200
cache-control: max-age=604800
expires: Fri, 28 Aug 2020 00:32:47 GMT

GET
H2 200 widget_iframe.3c5aa8e2a38bbbee4b6d88e6846fc657.html
platform.twitter.com/widgets/ Frame 1AB8 0
0 8ms
7ms Document
text/html 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.3c5aa8e2a38bbbee4b6d88e6846fc657.html?origin=https%3A%2F%2Fpentestlab.blog
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=20111117
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.3c5aa8e2a38bbbee4b6d88e6846fc657.html?origin=https%3A%2F%2Fpentestlab.blog
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pentestlab.blog/tag/vssown/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pentestlab.blog/tag/vssown/

Response headers

status: 200
last-modified: Thu, 30 Jul 2020 21:53:52 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 21 Aug 2020 00:32:47 GMT
x-served-by: cache-bwi5121-BWI, cache-hhn4024-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H2 200 remote-login.php
r-login.wordpress.com/ Frame 4446 0
0 168ms
146ms Document
text/html 192.0.78.18
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9wZW50ZXN0bGFiLmJsb2c%3D&wpcomid=32637504&time=1597969967

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.18 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: r-login.wordpress.com
:scheme: https
:path: /remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9wZW50ZXN0bGFiLmJsb2c%3D&wpcomid=32637504&time=1597969967
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pentestlab.blog/tag/vssown/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pentestlab.blog/tag/vssown/

Response headers

status: 200
server: nginx
date: Fri, 21 Aug 2020 00:32:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Cookie
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
x-ac: 2.fra _dfw
strict-transport-security: max-age=15552000

GET
H/2+Q/46 200 css
fonts.googleapis.com/ 8 KB
1 KB 68ms
54ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:r,i,b,bi%7CUbuntu:r&subset=latin,latin-ext,latin,latin-ext

Requested by

Host: s0.wp.com
URL: https://s0.wp.com/wp-content/plugins/custom-fonts/js/webfont.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88b7b8e4a13f6e95686ab47279166b264c5c31efeb1d9d10fb52c2b25b7b38a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 00:32:47 GMT
server: ESF
date: Fri, 21 Aug 2020 00:32:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Aug 2020 00:32:47 GMT

GET
H2 200 1f600.svg
s0.wp.com/wp-content/mu-plugins/wpcom-smileys/twemoji/2/svg/ 450 B
588 B 7ms
7ms Image
image/svg+xml 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s0.wp.com/wp-content/mu-plugins/wpcom-smileys/twemoji/2/svg/1f600.svg
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 41478e547c5b6ad66bfcf91ead5350fa0bc247956c3ff912020327e3e9ad0d2b

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 21 Aug 2020 00:32:47 GMT
x-ac: 4.fra _dfw
last-modified: Thu, 25 Jun 2020 06:07:22 GMT
server: nginx
etag: "5ef43f1a-1c2"
status: 200
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 450
expires: Fri, 25 Jun 2021 06:07:58 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 10ms
8ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.7073953725187998
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 21 Aug 2020 00:32:47 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 8ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?blog=32637504&v=wpcom&tz=0&user_id=0&subd=pentestlab&host=pentestlab.blog&ref=&fcp=618&rand=0.629681334221504
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 21 Aug 2020 00:32:47 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 9ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1TaVhzUzFMbjdWNHpwZGhTayxPSUFCMGNrd29%2BSmw0TDhnZmRTK0hlRi9QSGh6bi9GXVhBJWIlZlR5U1JMLU8%2FMkNtblkvY1dzRllmL3pDc1daMWIyayxvaytjJUsudnFyWDA4RlpSSmYuWFd%2BLTA3JmcuM01bZi1WVX5HZXVkekhMU25VTHx%2BNm5bL1AwVERsPTY1b3IlcEZPWS5wblt1REJlTmVBRnhKQy5VUT1Zd0t3UVlzQSxMRGZ2SjFEdGEzd0dhc0wyM255UFNuaFNsd1pCN3BbcVg0YTJRMGJzTmYuSFRvdmRseW1ULHk2TlIxVmhWfk81cG1KRWs2fDc3dlJkSURQYnF1U1VCQlZMWnl5clIxc1o4Sk5pZTRpa1Rbdnk0V3h0W19mX1E0OXZwdVldOHFYcW4zK00wckRLQmldWFNVcjBjUEI5dGprYmc%3D&v=wpcom-no-pv&rand=0.47167854598036607
Requested by: Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 21 Aug 2020 00:32:47 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 button.683df8cb64b87a8e4759b1fa17147ad1.js Show response
platform.twitter.com/js/ 7 KB
2 KB 7ms
7ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.683df8cb64b87a8e4759b1fa17147ad1.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=20111117
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa2a3db7f92e7a7c6a897f2922e6937e04b3b65b01345f72e1814ff21540847e

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 00:32:47 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 2298
x-served-by: cache-bwi5135-BWI, cache-hhn4024-HHN
last-modified: Thu, 30 Jul 2020 21:53:39 GMT
etag: "a1edaf0f14262c7e3306f9b502e5e779+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 200 KB
61 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1f0c647e8de92d229c341154f2ef716d&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85cc1b312d8a14b76a43eae822d406b31114f49ef9f54f7daacbf4681b44455d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://pentestlab.blog
Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IVa+6qxLdScBtZoR+wfo9Q==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 61736
etag: "451d4f30fbc42fa0048ea001572ee9b8"
x-fb-debug: iRaM2fiMWndsaTucFTF8ooSm/deqHlw3+zE+6xERNeNI9KEFLZpvU4UT67/EayBXKD2JUq2TZOfkGh0gJvAnxw==
x-fb-trip-id: 664085054
x-fb-content-md5: 3febd14fe5ce8d9c9ebad0c10e6a1978
x-frame-options: DENY
date: Fri, 21 Aug 2020 00:32:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 20 Aug 2021 23:31:10 GMT

GET
H2 200 follow_button.3c5aa8e2a38bbbee4b6d88e6846fc657.en.html
platform.twitter.com/widgets/ Frame F4A9 0
0 8ms
8ms Document
text/html 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.3c5aa8e2a38bbbee4b6d88e6846fc657.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=20111117
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/follow_button.3c5aa8e2a38bbbee4b6d88e6846fc657.en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pentestlab.blog/tag/vssown/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pentestlab.blog/tag/vssown/

Response headers

status: 200
last-modified: Thu, 30 Jul 2020 21:53:40 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "13d79c52715d1a1bdbcb3337005aa54e+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 21 Aug 2020 00:32:47 GMT
x-served-by: cache-bwi5128-BWI, cache-hhn4024-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 13696

GET
H/2+Q/46 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 13 KB
14 KB 54ms
40ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:r,i,b,bi%7CUbuntu:r&subset=latin,latin-ext,latin,latin-ext

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pentestlab.blog
Referer: https://fonts.googleapis.com/css?family=Ubuntu:r,i,b,bi%7CUbuntu:r&subset=latin,latin-ext,latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 08:18:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:45 GMT
server: sffe
age: 1181646
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13720
x-xss-protection: 0
expires: Sat, 07 Aug 2021 08:18:41 GMT

GET
H/2+Q/46 200 4iCu6KVjbNBYlgoKej70l0miFYxn.woff2
fonts.gstatic.com/s/ubuntu/v14/ 14 KB
14 KB 47ms
44ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCu6KVjbNBYlgoKej70l0miFYxn.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:r,i,b,bi%7CUbuntu:r&subset=latin,latin-ext,latin,latin-ext

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pentestlab.blog
Referer: https://fonts.googleapis.com/css?family=Ubuntu:r,i,b,bi%7CUbuntu:r&subset=latin,latin-ext,latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 22:34:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:28 GMT
server: sffe
age: 871068
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14148
x-xss-protection: 0
expires: Tue, 10 Aug 2021 22:34:59 GMT

GET
H/2+Q/46 200 4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 14 KB
14 KB 45ms
41ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:r,i,b,bi%7CUbuntu:r&subset=latin,latin-ext,latin,latin-ext

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pentestlab.blog
Referer: https://fonts.googleapis.com/css?family=Ubuntu:r,i,b,bi%7CUbuntu:r&subset=latin,latin-ext,latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 05:19:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:48 GMT
server: sffe
age: 1192379
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14096
x-xss-protection: 0
expires: Sat, 07 Aug 2021 05:19:48 GMT

GET
H/2+Q/46 200 4iCp6KVjbNBYlgoKejZPslyPN4FNgYUJ.woff2
fonts.gstatic.com/s/ubuntu/v14/ 15 KB
15 KB 45ms
42ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCp6KVjbNBYlgoKejZPslyPN4FNgYUJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:r,i,b,bi%7CUbuntu:r&subset=latin,latin-ext,latin,latin-ext

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pentestlab.blog
Referer: https://fonts.googleapis.com/css?family=Ubuntu:r,i,b,bi%7CUbuntu:r&subset=latin,latin-ext,latin,latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 22:31:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:53 GMT
server: sffe
age: 871259
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14924
x-xss-protection: 0
expires: Tue, 10 Aug 2021 22:31:48 GMT

GET
H2 200 page.php
www.facebook.com/v2.3/plugins/ Frame 4163 0
0 65ms
52ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26b8560ed9fed4%26domain%3Dpentestlab.blog%26origin%3Dhttps%253A%252F%252Fpentestlab.blog%252Ff2a0d05fff69094%26relation%3Dparent.parent&container_width=342&height=432&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fpentestlaboratory%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=200

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1f0c647e8de92d229c341154f2ef716d&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26b8560ed9fed4%26domain%3Dpentestlab.blog%26origin%3Dhttps%253A%252F%252Fpentestlab.blog%252Ff2a0d05fff69094%26relation%3Dparent.parent&container_width=342&height=432&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fpentestlaboratory%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pentestlab.blog/tag/vssown/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pentestlab.blog/tag/vssown/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.1
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: EcNNu4GgxZOV4Ky+umHceqLiba4euXK4qKeVq1dCfs8DTi9PZOvWnL3zisMEjTpJjlibMqoiBOVKunjeGV/rPg==
date: Fri, 21 Aug 2020 00:32:48 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
383 B 134ms
134ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fpentestlab.blog%2Ftag%2Fvssown%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22wordpressdotcom%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1597969968109%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22223fc1c4%3A1596143124634%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: pentestlab.blog
URL: https://pentestlab.blog/tag/vssown/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pentestlab.blog/tag/vssown/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 00:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Fri, 21 Aug 2020 00:32:48 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 15696300fd6d15911b61dbbe8461878c
x-transaction: 006516ed00b98adc
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 page.php
www.facebook.com/v2.3/plugins/ Frame 77BD 0
0 55ms
54ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fbf17244f9d68%26domain%3Dpentestlab.blog%26origin%3Dhttps%253A%252F%252Fpentestlab.blog%252Ff2a0d05fff69094%26relation%3Dparent.parent&container_width=200&height=432&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fpentestlaboratory%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=200

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1f0c647e8de92d229c341154f2ef716d&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fbf17244f9d68%26domain%3Dpentestlab.blog%26origin%3Dhttps%253A%252F%252Fpentestlab.blog%252Ff2a0d05fff69094%26relation%3Dparent.parent&container_width=200&height=432&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fpentestlaboratory%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pentestlab.blog/tag/vssown/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pentestlab.blog/tag/vssown/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.1
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 6m2irzrGbDRoR6VEjFNfN1lAp4nYR/s4WbgjyJ9M3ZmB0OYV4iPZOzPeDVfxdz1vzMRe+1xa8imS1eVc6anYlw==
date: Fri, 21 Aug 2020 00:32:48 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.gravatar.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
pentestlab.blog
pentestlab.files.wordpress.com
pixel.wp.com
platform.twitter.com
r-login.wordpress.com
s0.wp.com
stats.wp.com
syndication.twitter.com
www.facebook.com
104.244.42.136
151.101.112.157
192.0.72.28
192.0.76.3
192.0.77.32
192.0.78.18
192.0.78.24
2a00:1450:4001:80b::200a
2a00:1450:4001:81b::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
03ce1cb90e6346a5349e77c0c24158e5b7a5a1431d9c892dcbfd3751b4335499
0d17da85986308697b1090ff212930ec7a871da4bf5a7aa296cc7e6c83318860
17733834b2e145a87149b1fad36d4d2c1591fe3199e1f2ba9da0af38d0db92e2
1f16434d944a6e996c5b5bf08d9061ee33eaf68dbd2f4f8f786e159f7dc5cae6
21b20e5127c17cda1de66d5a434cbee63e774cc6ac812f2fdf16bce0cb210549
21c557180f1bd074974eb41ae4228b6aa9c41234ab1729d780bc8f05761110bb
233535e5bdc81c34902ea43801b4955870f855baa624044948b91f35b2c1e977
2d6680c1ce8ca83c9a32f9b20576221e5fc92c3677a944b1fbef203f8e9c109d
30c5f225bd8fbd7dd37c96a8e1131fb03d9a11cc189b4c2d843aa9e5083fc2ae
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2
396f094942f65264288b614134a55aade42f1496000a2f7b5481502150184409
41478e547c5b6ad66bfcf91ead5350fa0bc247956c3ff912020327e3e9ad0d2b
4500bd15e556c928ea1e47be6299ef0901a1d4f8bc2be8ef0d44403c0b3a21a7
47109b8930a0453870e5f0d19fa81b9c7e9d174c9c606bbf61f05ed4645af1c9
49e38d2cf2a88a65cf155f63df749aa4b97f308eab1acd94017bf8a557b3f24f
508c7309c11430e3d80e2f203836ac3f26ea2ef3127239fa47592661523a94f0
5cefdf70694f247384dd86639feb1b34bd29980eec3e42438a11d432ca121acb
5fd1488e6d46a6b16a8f74c47d1683cecd62626b15832b2c8f3af972fe6c7e36
612e0e0f70a90b408e2233681f67b511163431e3bf999eaef7a09ef5de5146cb
6327b1895c92a3358bc48dd19fb1080234f5a7ae289c520d1ab48b72eb6d7431
6511cb9a53ab4506d79d40fe6237899411a2498a492e155de08bfc9e0aaa7b93
68a63ba365cb43c479c159e64ec6f46c015519a5875b3085f54f2f86cadf930b
6adaf62612623c674af2f597baf83ffa56f157a9ab69346be7c11a9569fdebbc
6de9cdee58d1ff3b241684d19eebe3bf608993841ab929ef01a1d7e7e6092afa
6eb5b5886c24952076167a67b303ee16740a0737dccc49951d8dc24a4be7a680
70c3ff47dca834921ebb758bfc66876ae5f912309224b0848582cd56913837b0
750dfa032aa9bb8a055c59e9c199e09f4cf1d28f4dddb4ea0d53dcf0c9b240a9
756358c05345624972ffbaf0e3edd51ba411ef5d7c1fd9b7212b13504b4a4a95
7617bba5d37b3f57efc7a2ce8e036eb2c3cff3c571dc3c8e80b5f383164083bd
773b1086632d2a7f111f048c797fd315cea03bbdb333f7d2782e8eeb467041bf
7833b1559e208505ce2d1ebe63e6bf5f966e735509c367d75195e661e831b5d3
7e0f7c137306aa4a3a304fb1852020bc71c04d1f256d574e166263bd32703811
8420698602791fee1748d91d874aee04b9a57711c75e771d0fc2e88cd5bea4e4
846a0773ddb41abf42d8982edf456851f777ebb8cb37b5a22d8edd0529338fb6
85cc1b312d8a14b76a43eae822d406b31114f49ef9f54f7daacbf4681b44455d
88b7b8e4a13f6e95686ab47279166b264c5c31efeb1d9d10fb52c2b25b7b38a0
893a7a315254505f93d4c92ada4651a29eab01b5f46047c15ebf8dedca408414
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
923e3009de4c32eb9cad94e6d350b077cb806a3bb02b31fb0595ef3adef0b35c
9c3ad15a8d750391481d7481a0bde497be874e127f0f255e431c1df7102e0dac
a561b720652aea88d9e9623f0976851b7dbc8021a51a63c78e36467d0b28471e
a6ed71650b3fe81b56d1866fc3d7d722eb1ba627704dfbbfc3115317e5224158
aa2a3db7f92e7a7c6a897f2922e6937e04b3b65b01345f72e1814ff21540847e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af911c969f58e4c7ab09e917a8bd526644770d252f360e7304f4baa41051ba3b
b5b0039d6b49d16a58800cf527da18050dfed96bb44f57cbb5ad74a8df3bd4b2
b7249b952e5b14b881a0231c45ab4eee7aeab43bd57e35c30d35f8a323a349ad
b83ede51671ac7e33a9e5d3c8e6e9b9158f8dfd329440a598c7df6f87c020f6c
ba4824bef4054dec92055cf62207b9532823232c0d58f9c31c1213b2eb333ff9
babf3374128d37cce61da79816f1db1875ed028a728a4631562dcc5aa57ed3f3
c0e93b5ebf107af77d9e7d101d186b3b93e9d5ad4fbb6a74e2dea60173cc04f8
c249213dad718dc5091cef6b67c5d1ba2ce3f9d42882eaf5040a37f2da5beae5
c60c066efcdbbda1225b05c1f751559866b72f9a6be7e7719e61c742b97fff3d
cb8943abdc046f98c2a74cbe013552f1ed2a5746fd76546ed63f60d32dd83615
cc5635df2454d61df6102853426d79860b19de9f70e961bbb544f5ce67747030
cdebcaf75829bd2aaec827a95b603b78ce194ec1ed7def8cc8e2638e4bce87fb
d74cd406e1340a9c44419adaa5525d562cfc5647052c3169298b8fe1b39bbbf8
da64a024963c1da5539485a17e8ce16b97f2d3d19f92bc60df83ad78475d7861
dac73b5a4c8d2834c1a34a25b74bf05d1dd52d676cdf98acccc22d10c19ca12a
e073734a1bbc1ec0200453415aacf7c6a10eb8725d2b56d69d0b0d1725869c32
e838c221cbfe383f98136f96786271a707134c018a4fb4826d6246f2eafc82f1
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ee9f4d4bdc802f93ed5dd489988c841f1a2e5d270f7075124f37b3cf1d9c0534
f2325f594fe6199d64f20a57bdab5c40843c68e82abd27806244798ec4aceff1
f33e42be2af3a23718becb611cebb0d5fbc8e670ffd20a5fc48fbcd460286860
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f45206737eac638bb52a6adda01ec197e1b62f4e40399fbf2956497308b4b63f
fc3d9b93d10fdc6be493d2df787a2bdd05933987d748fecbb1c7b11648eb2502
fd54e1e14f65a8eb826dc566af79900b01330eb5e423ea9835de798bc322e83d
fdd3f87b418414e310060ab4eab7e0d9faa0f3487376e3f0e1c91713cc16890c

pentestlab.blog Open in urlscan Pro 192.0.78.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

42 %IPv6

9 Domains

13 Subdomains

12 IPs

3 Countries

4322 kBTransfer

5176 kBSize

0 Cookies

40 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pentestlab.blog Open in urlscan Pro
192.0.78.24 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

42 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

4322 kB
Transfer

5176 kB
Size

0
Cookies

83 HTTP transactions
0 data transactions