Submitted URL: https://touhidshaikh.com/blog/?cat=20
Effective URL: https://touhidshaikh.com/blog/category/post-exploit/
Submission: On July 26 via api from US

Summary

This website contacted 12 IPs in 4 countries across 14 domains to perform 45 HTTP transactions. The main IP is 104.18.45.166, located in United States and belongs to CLOUDFLARENET, US. The main domain is touhidshaikh.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 7th 2019. Valid for: a year.
This is the only time touhidshaikh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count  Domain                                        Requested by
19     touhidshaikh.com (1 redirects)                touhidshaikh.com, pagead2.googlesyndication.com
5      www.hackthebox.eu                             touhidshaikh.com, pagead2.googlesyndication.com
4      pagead2.googlesyndication.com                 touhidshaikh.com, pagead2.googlesyndication.com
3      googleads.g.doubleclick.net                   pagead2.googlesyndication.com
3      fonts.gstatic.com                             pagead2.googlesyndication.com
2      tpc.googlesyndication.com                     pagead2.googlesyndication.com, tpc.googlesyndication.com
2      connect.facebook.net                          touhidshaikh.com, connect.facebook.net
2      www.google-analytics.com (1 redirects)        touhidshaikh.com
1      www.googletagservices.com                     pagead2.googlesyndication.com
1      www.google.de                                 touhidshaikh.com
1      www.google.com (1 redirects)
1      stats.g.doubleclick.net (1 redirects)
1      secure.gravatar.com                           pagead2.googlesyndication.com
1      adservice.google.com                          pagead2.googlesyndication.com
1      adservice.google.de                           pagead2.googlesyndication.com
1      licensebuttons.net                            touhidshaikh.com
1      i.creativecommons.org (1 redirects)
1      fonts.googleapis.com                          touhidshaikh.com
45 18
Subject                    Issuer                                         Validity                 Valid
sni.cloudflaressl.com      CloudFlare Inc ECC CA-2                        2019-10-07 - 2020-10-06  a year
*.g.doubleclick.net        GTS CA 1O1                                     2020-07-07 - 2020-09-29  3 months
upload.video.google.com    GTS CA 1O1                                     2020-07-07 - 2020-09-29  3 months
*.google-analytics.com     GTS CA 1O1                                     2020-07-07 - 2020-09-29  3 months
hackthebox.eu              Cloudflare Inc ECC CA-3                        2020-07-04 - 2021-07-04  a year
*.google.de                GTS CA 1O1                                     2020-07-07 - 2020-09-29  3 months
*.google.com               GTS CA 1O1                                     2020-07-07 - 2020-09-29  3 months
*.gravatar.com             COMODO RSA Domain Validation Secure Server CA  2018-09-06 - 2020-09-05  2 years
*.gstatic.com              GTS CA 1O1                                     2020-07-07 - 2020-09-29  3 months
www.google.de              GTS CA 1O1                                     2020-07-07 - 2020-09-29  3 months
*.facebook.com             DigiCert SHA2 High Assurance Server CA         2020-07-21 - 2020-10-12  3 months
tpc.googlesyndication.com  GTS CA 1O1                                     2020-07-07 - 2020-09-29  3 months


This page contains 5 frames:

Primary Page: https://touhidshaikh.com/blog/category/post-exploit/
Frame ID: 9756AE0F25A061C007A860831E045DD5
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/zrt_lookup.html
Frame ID: E0B7176CD357F89E3CB83836952AE319
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066095879582960&output=html&adk=2909133762&adf=3878871716&lmt=1595733399&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftouhidshaikh.com%2Fblog%2Fcategory%2Fpost-exploit%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595733398683&bpp=459&bdt=66&idt=604&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3676292923101&frm=20&pv=2&ga_vid=250674621.1595733399&ga_sid=1595733399&ga_hid=1339364674&ga_fc=0&iag=0&icsg=2292427&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C21066392&oid=3&pvsid=2031867249810436&pem=472&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=621
Frame ID: C88DBAA07720289CD0236371358ADA63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066095879582960&output=html&h=600&slotname=4182335781&adk=291855507&adf=2150353423&w=257&fwrn=4&fwrnh=100&lmt=1595733399&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=257x600&url=https%3A%2F%2Ftouhidshaikh.com%2Fblog%2Fcategory%2Fpost-exploit%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1595733399181&bpp=54&bdt=564&idt=132&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3676292923101&frm=20&pv=1&ga_vid=250674621.1595733399&ga_sid=1595733399&ga_hid=1339364674&ga_fc=0&iag=0&icsg=10681035&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=127&ady=836&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C21066392&oid=3&pvsid=2031867249810436&pem=472&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mQtBvrvsqc&p=https%3A//touhidshaikh.com&dtd=139
Frame ID: 3F7D66DE7CC2DF26AFB6D8E62A33E4F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 6937B008C843D27C91446481E97225A6
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

45 Requests
100 % HTTPS
93 % IPv6
14 Domains
18 Subdomains
12 IPs
4 Countries
603 kB Transfer
1410 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://touhidshaikh.com/blog/?cat=20 HTTP 301
    https://touhidshaikh.com/blog/category/post-exploit/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://i.creativecommons.org/l/by-nc-sa/4.0/88x31.png HTTP 301
  • https://licensebuttons.net/l/by-nc-sa/4.0/88x31.png
Request Chain 34
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1339364674&t=pageview&_s=1&dl=https%3A%2F%2Ftouhidshaikh.com%2Fblog%2Fcategory%2Fpost-exploit%2F&ul=en-us&de=UTF-8&dt=Post%20Exploit%20%E2%80%93%20Touhid%20M.Shaikh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=64427333&gjid=19641242&cid=250674621.1595733399&tid=UA-91398370-1&_gid=1614280822.1595733399&_r=1&z=1352005631 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91398370-1&cid=250674621.1595733399&jid=64427333&_gid=1614280822.1595733399&gjid=19641242&_v=j83&z=1352005631 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91398370-1&cid=250674621.1595733399&jid=64427333&_v=j83&z=1352005631 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91398370-1&cid=250674621.1595733399&jid=64427333&_v=j83&z=1352005631&slf_rd=1&random=3738607116

45 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
touhidshaikh.com/blog/category/post-exploit/
Redirect Chain
  • https://touhidshaikh.com/blog/?cat=20
  • https://touhidshaikh.com/blog/category/post-exploit/
26 KB
7 KB
Document
General
Full URL
https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.4
Resource Hash
3a92f4e299c2584921f833c16f8961c854dcef4bca9c5b2bb0ec83628b93a57a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
touhidshaikh.com
:scheme
https
:path
/blog/category/post-exploit/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d12eeb0d2b92a72455c2faf2a0c9b20461595733397

Response headers

status
200
date
Sun, 26 Jul 2020 03:16:38 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.4
link
<https://touhidshaikh.com/blog/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
042ab86b120000caf8ce1c6200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
server
cloudflare
cf-ray
5b8af68b5c8acaf8-ARN
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

status
301
date
Sun, 26 Jul 2020 03:16:38 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d12eeb0d2b92a72455c2faf2a0c9b20461595733397; expires=Tue, 25-Aug-20 03:16:37 GMT; path=/; domain=.touhidshaikh.com; HttpOnly; SameSite=Lax; Secure
x-powered-by
PHP/7.4.4
x-redirect-by
WordPress
location
https://touhidshaikh.com/blog/category/post-exploit/
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
042ab869080000caf8ce1b7200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
server
cloudflare
cf-ray
5b8af6880a38caf8-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
118 KB
42 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd8003d4a8a40b635570c129443345a2bd47fa940214edf96b3e19193ca4fd74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42539
x-xss-protection
0
server
cafe
etag
10327550707779393748
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Jul 2020 03:16:38 GMT
style.min.css
touhidshaikh.com/blog/wp-includes/css/dist/block-library/
52 KB
7 KB
Stylesheet
General
Full URL
https://touhidshaikh.com/blog/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86c6c0000caf8ce1cd200000001
last-modified
Thu, 30 Apr 2020 07:30:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d159-5eaa7ea8-b49416ed8fca7bc6;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af68d7e31caf8-ARN
expires
Sun, 02 Aug 2020 03:16:38 GMT
css
fonts.googleapis.com/
3 KB
669 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rokkitt%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=5.4.2
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c074f20fe2ea2fce67468dfcbbfcbbcb4465a8e4463b4a2f9d83c0f94a505b8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Jul 2020 03:16:38 GMT
server
ESF
date
Sun, 26 Jul 2020 03:16:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Jul 2020 03:16:38 GMT
all.min.css
touhidshaikh.com/blog/wp-content/themes/author/assets/font-awesome/css/
56 KB
12 KB
Stylesheet
General
Full URL
https://touhidshaikh.com/blog/wp-content/themes/author/assets/font-awesome/css/all.min.css?ver=5.4.2
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86c6c0000caf8ce1ce200000001
last-modified
Sat, 07 Dec 2019 07:57:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"de0a-5deb5b6c-61d9d4257a959070;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af68d7e34caf8-ARN
expires
Sun, 02 Aug 2020 03:16:38 GMT
style.css
touhidshaikh.com/blog/wp-content/themes/author/
42 KB
8 KB
Stylesheet
General
Full URL
https://touhidshaikh.com/blog/wp-content/themes/author/style.css?ver=5.4.2
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5baa19d7aaf7d509bd13493caf435a8502e5fc09e5556a3fb6a444b2e4db52e5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86c6c0000caf8ce1cf200000001
last-modified
Sat, 07 Dec 2019 07:57:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"a9b7-5deb5b6c-1bebb625e61c50a5;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af68d7e35caf8-ARN
expires
Sun, 02 Aug 2020 03:16:38 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
2577
date
Sun, 26 Jul 2020 02:33:42 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Sun, 26 Jul 2020 04:33:42 GMT
wp-emoji-release.min.js
touhidshaikh.com/blog/wp-includes/js/
14 KB
4 KB
Script
General
Full URL
https://touhidshaikh.com/blog/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86e6b0000caf8ce1e5200000001
last-modified
Wed, 01 Apr 2020 12:33:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"364d-5e848a01-fdc6b7f3dd7a40ea;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af690a8ddcaf8-ARN
expires
Sun, 02 Aug 2020 03:16:39 GMT
front.css
touhidshaikh.com/blog/wp-content/plugins/super-socializer/css/
52 KB
13 KB
Stylesheet
General
Full URL
https://touhidshaikh.com/blog/wp-content/plugins/super-socializer/css/front.css?ver=7.12.42
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46554a7c1c3c2a78d334188d3bdfe9538cee6a58cb8826eb79f8739569f1d3d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86c9d0000caf8ce1d2200000001
last-modified
Thu, 18 Jun 2020 18:58:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d0c3-5eebb93f-3f78ca06b1d66f4a;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af68dce8fcaf8-ARN
expires
Sun, 02 Aug 2020 03:16:38 GMT
share-svg.css
touhidshaikh.com/blog/wp-content/plugins/super-socializer/css/
100 KB
30 KB
Stylesheet
General
Full URL
https://touhidshaikh.com/blog/wp-content/plugins/super-socializer/css/share-svg.css?ver=7.12.42
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84a96d00716db0b334e6559fc051754830462e6c6929c69d8e255be585c80e6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86c9e0000caf8ce1d3200000001
last-modified
Thu, 18 Jun 2020 18:58:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"190ea-5eebb93f-87caab9c48e50df5;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af68dce90caf8-ARN
expires
Sun, 02 Aug 2020 03:16:38 GMT
jquery.js
touhidshaikh.com/blog/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://touhidshaikh.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86c9e0000caf8ce1d4200000001
last-modified
Wed, 22 May 2019 07:00:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"17a69-5ce4f38e-46f1593162c501f;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af68dce91caf8-ARN
expires
Sun, 02 Aug 2020 03:16:38 GMT
jquery-migrate.min.js
touhidshaikh.com/blog/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://touhidshaikh.com/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86c9e0000caf8ce1d5200000001
last-modified
Mon, 17 Sep 2018 23:34:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2748-5ba039f8-67e70e1f0b834c6f;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af68dce92caf8-ARN
expires
Sun, 02 Aug 2020 03:16:38 GMT
email-decode.min.js
touhidshaikh.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
838 B
Script
General
Full URL
https://touhidshaikh.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
cf-request-id
042ab86c9e0000caf8ce1d6200000001
last-modified
Thu, 23 Jul 2020 16:13:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f19b723-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
5b8af68dce93caf8-ARN
expires
Tue, 28 Jul 2020 03:16:38 GMT
10931
www.hackthebox.eu/badge/
3 KB
3 KB
Script
General
Full URL
https://www.hackthebox.eu/badge/10931
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8313ba06a9e17b8315caa91e4f106795523466946f539650c716a80a882576
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
cf-request-id
042ab86cba0000d6b9370dd200000001
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://app.hackthebox.eu
x-xss-protection
1; mode=block
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
5b8af68dfa81d6b9-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
88x31.png
licensebuttons.net/l/by-nc-sa/4.0/
Redirect Chain
  • https://i.creativecommons.org/l/by-nc-sa/4.0/88x31.png
  • https://licensebuttons.net/l/by-nc-sa/4.0/88x31.png
2 KB
2 KB
Image
General
Full URL
https://licensebuttons.net/l/by-nc-sa/4.0/88x31.png
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38550300c2a8f6cdfb160a5fd170f634447b2e9e07447338299ca269a6c18e71
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
5357
cf-polished
origSize=5460
status
200
vary
Accept-Encoding
content-length
1672
x-xss-protection
1; mode=block
last-modified
Thu, 30 Apr 2020 21:59:13 GMT
server
cloudflare
x-frame-options
deny
etag
"5eab4a31-1554"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=432000
cf-request-id
042ab86edb0000c2f9ac242200000001
accept-ranges
bytes
cf-ray
5b8af691587ac2f9-FRA
cf-bgj
imgq:100,h2pri

Redirect headers

date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
773
status
301
vary
Accept-Encoding
cf-request-id
042ab86e6e0000dfa9c192c200000001
server
cloudflare
x-frame-options
deny
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/html
location
https://licensebuttons.net/l/by-nc-sa/4.0/88x31.png
x-xss-protection
1; mode=block
cache-control
max-age=432000
cf-ray
5b8af690bcf6dfa9-FRA
production.min.js
touhidshaikh.com/blog/wp-content/themes/author/js/build/
7 KB
2 KB
Script
General
Full URL
https://touhidshaikh.com/blog/wp-content/themes/author/js/build/production.min.js?ver=5.4.2
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a876d21f7072cac8c0c8ac76a51ebe94045118973516125c6ff7cf63d1f27d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86e450000caf8ce1de200000001
last-modified
Sat, 07 Dec 2019 07:57:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1af4-5deb5b6c-2058551f1c3bcef6;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af69068b7caf8-ARN
expires
Sun, 02 Aug 2020 03:16:39 GMT
general.js
touhidshaikh.com/blog/wp-content/plugins/super-socializer/js/front/social_login/
1 KB
1001 B
Script
General
Full URL
https://touhidshaikh.com/blog/wp-content/plugins/super-socializer/js/front/social_login/general.js?ver=7.12.42
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdbc00de393216f6118f704088accc9ebddd220480741d5ed088c01f46f84088
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86e5b0000caf8ce1e0200000001
last-modified
Thu, 18 Jun 2020 18:58:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"599-5eebb93f-c5dfbd3bc5f07595;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af69098c8caf8-ARN
expires
Sun, 02 Aug 2020 03:16:39 GMT
sdk.js
touhidshaikh.com/blog/wp-content/plugins/super-socializer/js/front/facebook/
2 KB
758 B
Script
General
Full URL
https://touhidshaikh.com/blog/wp-content/plugins/super-socializer/js/front/facebook/sdk.js?ver=7.12.42
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
369b04a6dee7782623409c2a533c059b632cf6c045ee10c6b6247723c8a713d1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86e6b0000caf8ce1e1200000001
last-modified
Thu, 18 Jun 2020 18:58:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7a5-5eebb93f-47634c42baf2a367;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af690a8d9caf8-ARN
expires
Sun, 02 Aug 2020 03:16:39 GMT
commenting.js
touhidshaikh.com/blog/wp-content/plugins/super-socializer/js/front/facebook/
5 KB
2 KB
Script
General
Full URL
https://touhidshaikh.com/blog/wp-content/plugins/super-socializer/js/front/facebook/commenting.js?ver=7.12.42
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
420d5c7ee5a3e7582b7ed91343962411712a183d42a69395c4bc1fe378699f07
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86e6b0000caf8ce1e2200000001
last-modified
Thu, 18 Jun 2020 18:58:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"153d-5eebb93f-553aad39017a93c;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af690a8dacaf8-ARN
expires
Sun, 02 Aug 2020 03:16:39 GMT
sharing.js
touhidshaikh.com/blog/wp-content/plugins/super-socializer/js/front/sharing/
44 KB
11 KB
Script
General
Full URL
https://touhidshaikh.com/blog/wp-content/plugins/super-socializer/js/front/sharing/sharing.js?ver=7.12.42
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4885af9d5b12a54703e531dba10528c59956e45d39576f9d6a5b86a598eefaa8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86e6b0000caf8ce1e3200000001
last-modified
Thu, 18 Jun 2020 18:58:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"b130-5eebb93f-fa52d47be76bceaa;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af690a8dbcaf8-ARN
expires
Sun, 02 Aug 2020 03:16:39 GMT
wp-embed.min.js
touhidshaikh.com/blog/wp-includes/js/
1 KB
787 B
Script
General
Full URL
https://touhidshaikh.com/blog/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
042ab86e6b0000caf8ce1e4200000001
last-modified
Wed, 01 Apr 2020 12:33:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"59a-5e848a01-5fd09b3b2fdb8c8e;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
5b8af690a8dccaf8-ARN
expires
Sun, 02 Aug 2020 03:16:39 GMT
integrator.js
adservice.google.de/adsid/
109 B
829 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=touhidshaikh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Jul 2020 03:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
320 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=touhidshaikh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Jul 2020 03:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/
221 KB
83 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84205b72580bff351eca502f9184cfac70f0f4ff4ae4456cfa8f81d34aa000d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
84800
x-xss-protection
0
server
cafe
etag
9296453514141258119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jul 2020 03:16:39 GMT
62f9f866b9733371b38b5c9959574458
secure.gravatar.com/avatar/
3 KB
4 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/62f9f866b9733371b38b5c9959574458?s=96&d=mm&r=g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d20304a212ca8e58218a91b0b1883ee9de0903287570b599b5183db0cfbc70f9

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 4
date
Sun, 26 Jul 2020 03:16:39 GMT
last-modified
Wed, 10 Jul 2019 16:48:09 GMT
server
nginx
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="62f9f866b9733371b38b5c9959574458.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/62f9f866b9733371b38b5c9959574458?s=96&d=mm&r=g>; rel="canonical"
content-length
3440
expires
Sun, 26 Jul 2020 03:21:39 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rokkitt%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=5.4.2
Origin
https://touhidshaikh.com

Response headers

date
Thu, 23 Jul 2020 00:25:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
269493
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Fri, 23 Jul 2021 00:25:06 GMT
qFdE35qfgYFjGy5hkEaCdvTIyh8.woff2
fonts.gstatic.com/s/rokkitt/v19/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rokkitt/v19/qFdE35qfgYFjGy5hkEaCdvTIyh8.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e0b38121479d09e0ad91699be2353dc39fc96fc9fea893a9db45c614b26ceed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rokkitt%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=5.4.2
Origin
https://touhidshaikh.com

Response headers

date
Wed, 08 Jul 2020 23:26:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:44:49 GMT
server
sffe
age
1482624
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25884
x-xss-protection
0
expires
Thu, 08 Jul 2021 23:26:15 GMT
fa-brands-400.woff2
touhidshaikh.com/blog/wp-content/themes/author/assets/font-awesome/webfonts/
74 KB
74 KB
Font
General
Full URL
https://touhidshaikh.com/blog/wp-content/themes/author/assets/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://touhidshaikh.com/blog/wp-content/themes/author/assets/font-awesome/css/all.min.css?ver=5.4.2
Origin
https://touhidshaikh.com

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-xss-protection
1; mode=block
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75336
cf-request-id
042ab86e730000caf8ce1e6200000001
last-modified
Sat, 07 Dec 2019 07:57:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"12648-5deb5b6c-3e2be8534b0a493;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
5b8af690b8e7caf8-ARN
expires
Sun, 02 Aug 2020 03:16:39 GMT
fa-solid-900.woff2
touhidshaikh.com/blog/wp-content/themes/author/assets/font-awesome/webfonts/
74 KB
74 KB
Font
General
Full URL
https://touhidshaikh.com/blog/wp-content/themes/author/assets/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.45.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://touhidshaikh.com/blog/wp-content/themes/author/assets/font-awesome/css/all.min.css?ver=5.4.2
Origin
https://touhidshaikh.com

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-xss-protection
1; mode=block
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75728
cf-request-id
042ab86e740000caf8ce1e7200000001
last-modified
Sat, 07 Dec 2019 07:57:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"127d0-5deb5b6c-9265a34a3778ce21;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
5b8af690b8eacaf8-ARN
expires
Sun, 02 Aug 2020 03:16:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/ Frame E0B7
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200723/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://touhidshaikh.com/blog/category/post-exploit/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://touhidshaikh.com/blog/category/post-exploit/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 23 Jul 2020 04:24:58 GMT
expires
Thu, 06 Aug 2020 04:24:58 GMT
content-type
text/html; charset=UTF-8
etag
1809543571055990350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4277
x-xss-protection
0
cache-control
public, max-age=1209600
age
255101
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
62f9f866b9733371b38b5c9959574458_thumb.png
www.hackthebox.eu/storage/avatars/
1 KB
1 KB
Image
General
Full URL
https://www.hackthebox.eu/storage/avatars/62f9f866b9733371b38b5c9959574458_thumb.png
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b84f5fece9c1290f68dc4cf28213e9a22b1a27c2805e5f5f62a1689f063a9cc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
content-length
1186
x-xss-protection
1; mode=block
last-modified
Sun, 10 May 2020 08:04:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5eb7b59a-4a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
https://app.hackthebox.eu
cache-control
max-age=7200
access-control-allow-credentials
true
cf-request-id
042ab86e8e0000d6b9370ea200000001
accept-ranges
bytes
cf-ray
5b8af690ee51d6b9-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
screenshot.png
www.hackthebox.eu/images/
224 B
385 B
Image
General
Full URL
https://www.hackthebox.eu/images/screenshot.png
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
485a3f581f6306bbd4effcfe101c7108df5f7bd5326ad4fdc60f99d7d223ae51
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3136
cf-polished
origFmt=png, origSize=560
status
200
content-disposition
inline; filename="screenshot.webp"
strict-transport-security
max-age=0; includeSubDomains
content-length
224
x-xss-protection
1; mode=block
last-modified
Thu, 23 Jul 2020 17:00:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f19c224-230"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
https://app.hackthebox.eu
cache-control
max-age=7200
access-control-allow-credentials
true
cf-request-id
042ab86e8e0000d6b9370eb200000001
accept-ranges
bytes
cf-ray
5b8af690ee53d6b9-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj
imgq:100,h2pri
star.png
www.hackthebox.eu/images/
228 B
604 B
Image
General
Full URL
https://www.hackthebox.eu/images/star.png
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45733fb67f0701d8ff08a1f22af1f2e763b5c1535b3b494af3b5faa836bce40a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6887
cf-polished
origFmt=png, origSize=577
status
200
content-disposition
inline; filename="star.webp"
strict-transport-security
max-age=0; includeSubDomains
content-length
228
x-xss-protection
1; mode=block
last-modified
Thu, 23 Jul 2020 17:00:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f19c224-241"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
https://app.hackthebox.eu
cache-control
max-age=7200
access-control-allow-credentials
true
cf-request-id
042ab86e8e0000d6b9370ec200000001
accept-ranges
bytes
cf-ray
5b8af690ee55d6b9-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj
imgq:100,h2pri
icon20.png
www.hackthebox.eu/images/
378 B
538 B
Image
General
Full URL
https://www.hackthebox.eu/images/icon20.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1743dc9660dd45f600e7877592a196178abb9074eb2c334168f4e85855cde0d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1374
cf-polished
origFmt=png, origSize=699
status
200
content-disposition
inline; filename="icon20.webp"
strict-transport-security
max-age=0; includeSubDomains
content-length
378
x-xss-protection
1; mode=block
last-modified
Thu, 23 Jul 2020 17:00:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5f19c224-2bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
https://app.hackthebox.eu
cache-control
max-age=7200
access-control-allow-credentials
true
cf-request-id
042ab86e910000d6b9370ed200000001
accept-ranges
bytes
cf-ray
5b8af690ee67d6b9-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj
imgq:100,h2pri
ViZhet7Ak-LRXZMXzuAfkY4P5ICox8Kq3LLUNMylGO4.woff2
fonts.gstatic.com/s/ubuntumono/v6/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntumono/v6/ViZhet7Ak-LRXZMXzuAfkY4P5ICox8Kq3LLUNMylGO4.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d214f2eadb7711ef840eec466e653d7708b22688aff30a8e9f2473493cbdd39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://touhidshaikh.com/blog/category/post-exploit/
Origin
https://touhidshaikh.com

Response headers

date
Tue, 21 Jul 2020 16:18:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Aug 2014 15:21:35 GMT
server
sffe
age
385099
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23120
x-xss-protection
0
expires
Wed, 21 Jul 2021 16:18:20 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1339364674&t=pageview&_s=1&dl=https%3A%2F%2Ftouhidshaikh.com%2Fblog%2Fcategory%2Fpost-exploit%2F&ul=en-us&de=UTF-8&dt=Post%20Exploit%20%E2%80...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91398370-1&cid=250674621.1595733399&jid=64427333&_gid=1614280822.1595733399&gjid=19641242&_v=j83&z=1352005631
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91398370-1&cid=250674621.1595733399&jid=64427333&_v=j83&z=1352005631
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91398370-1&cid=250674621.1595733399&jid=64427333&_v=j83&z=1352005631&slf_rd=1&random=3738607116
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91398370-1&cid=250674621.1595733399&jid=64427333&_v=j83&z=1352005631&slf_rd=1&random=3738607116
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/category/post-exploit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91398370-1&cid=250674621.1595733399&jid=64427333&_v=j83&z=1352005631&slf_rd=1&random=3738607116
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C88D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066095879582960&output=html&adk=2909133762&adf=3878871716&lmt=1595733399&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftouhidshaikh.com%2Fblog%2Fcategory%2Fpost-exploit%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595733398683&bpp=459&bdt=66&idt=604&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3676292923101&frm=20&pv=2&ga_vid=250674621.1595733399&ga_sid=1595733399&ga_hid=1339364674&ga_fc=0&iag=0&icsg=2292427&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C21066392&oid=3&pvsid=2031867249810436&pem=472&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=621
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1066095879582960&output=html&adk=2909133762&adf=3878871716&lmt=1595733399&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftouhidshaikh.com%2Fblog%2Fcategory%2Fpost-exploit%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595733398683&bpp=459&bdt=66&idt=604&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3676292923101&frm=20&pv=2&ga_vid=250674621.1595733399&ga_sid=1595733399&ga_hid=1339364674&ga_fc=0&iag=0&icsg=2292427&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C21066392&oid=3&pvsid=2031867249810436&pem=472&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=621
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://touhidshaikh.com/blog/category/post-exploit/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://touhidshaikh.com/blog/category/post-exploit/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 26 Jul 2020 03:16:39 GMT
server
cafe
content-length
1043
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 26-Jul-2020 03:31:39 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 26 Jul 2020 03:16:39 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1595419060626807"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27216
x-xss-protection
0
expires
Sun, 26 Jul 2020 03:16:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3F7D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066095879582960&output=html&h=600&slotname=4182335781&adk=291855507&adf=2150353423&w=257&fwrn=4&fwrnh=100&lmt=1595733399&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=257x600&url=https%3A%2F%2Ftouhidshaikh.com%2Fblog%2Fcategory%2Fpost-exploit%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1595733399181&bpp=54&bdt=564&idt=132&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3676292923101&frm=20&pv=1&ga_vid=250674621.1595733399&ga_sid=1595733399&ga_hid=1339364674&ga_fc=0&iag=0&icsg=10681035&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=127&ady=836&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C21066392&oid=3&pvsid=2031867249810436&pem=472&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mQtBvrvsqc&p=https%3A//touhidshaikh.com&dtd=139
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1066095879582960&output=html&h=600&slotname=4182335781&adk=291855507&adf=2150353423&w=257&fwrn=4&fwrnh=100&lmt=1595733399&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=257x600&url=https%3A%2F%2Ftouhidshaikh.com%2Fblog%2Fcategory%2Fpost-exploit%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1595733399181&bpp=54&bdt=564&idt=132&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3676292923101&frm=20&pv=1&ga_vid=250674621.1595733399&ga_sid=1595733399&ga_hid=1339364674&ga_fc=0&iag=0&icsg=10681035&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=127&ady=836&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C21066392&oid=3&pvsid=2031867249810436&pem=472&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mQtBvrvsqc&p=https%3A//touhidshaikh.com&dtd=139
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://touhidshaikh.com/blog/category/post-exploit/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://touhidshaikh.com/blog/category/post-exploit/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 26 Jul 2020 03:16:39 GMT
server
cafe
content-length
204
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 26-Jul-2020 03:31:39 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 26 Jul 2020 03:16:39 GMT
cache-control
private
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: touhidshaikh.com
URL: https://touhidshaikh.com/blog/wp-content/plugins/super-socializer/js/front/facebook/sdk.js?ver=7.12.42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea54b6f57c76a5c1568ad3cbd4f3f6d13cb8da2680851b7ce8ee70b0c10bfdae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
pEHCxJnJoNmlazLDpuwbpw==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
etag
"d7788fa351658bee1b5f8c46f0a09435"
x-fb-debug
DD3TJVfWt6vbyiNXK9z2hn8hp2WxHmG0tanX4Fko3fFTdX216JHLXz9MV8WENPQ3hG2KrxmE5jFPRxLpg2i6Fw==
x-fb-trip-id
664085054
x-fb-content-md5
e4fc87ef27d43c62fe38d93167517dc1
x-frame-options
DENY
date
Sun, 26 Jul 2020 03:16:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 26 Jul 2020 03:26:35 GMT
sdk.js
connect.facebook.net/en_US/
199 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=bfb583ca59cc62d68567a26e8198e829&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e7c6d7a3ab1d5dcee8399a34a821f070130ecb3aad72f898b301a2809680a0fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://touhidshaikh.com/blog/category/post-exploit/
Origin
https://touhidshaikh.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6Hg3OaDqomGUjqz4d5vhFA==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
61241
etag
"d26680efce7a6c35faf45b61f225b368"
x-fb-debug
o/sfLtQM7i6z5nEzMSfAgnBo7jPYYtvxEn9T55TpZX+PzKQiesH40QuMMadCjgF8TfX5cuvUqz26J7SZuSqpEQ==
x-fb-trip-id
664085054
x-fb-content-md5
70fbe95c30da1067a9f9316695663405
x-frame-options
DENY
date
Sun, 26 Jul 2020 03:16:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Mon, 26 Jul 2021 02:11:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200723&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
760f5d938a2a570c8bccdcf03077c12ee7390427da2052843e6a0987257186ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5629
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 03:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Sun, 26 Jul 2020 03:16:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 6937
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://touhidshaikh.com/blog/category/post-exploit/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://touhidshaikh.com/blog/category/post-exploit/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Sat, 25 Jul 2020 23:15:59 GMT
expires
Sun, 25 Jul 2021 23:15:59 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
14440
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
120 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200723&jk=2031867249810436&bg=!5uWl5f1YdE6WpcJSGPwCAAAAQVIAAAAMmQGHXT03mFNZhxKWIkLyDzcReg0tocg6DTbPS_LWDRj1WOFAsWaI1tPtJIE6C8Tu6vppuiBb6j_80OSDRkDrdp_dZy8fJm4HxNHNohxuZ70EmBDEayrSoRBMzAgdESOcxUhY5nkf0mJfZh2ZU5eIkDGTWCvxTBfr8BIxEnGmKx0qd4t2OrhV_X6ch2906KZ5Hah1RWsQ4fqDGMRZ-TBqLGWL64lga5DoeGaPN4SzAHr4KE6ebUEt3qvOYCY5P0r2pfCgIrOpi9MPcz1YnuC9gJ9CqKbi7KM7FhDKSyeAZg1pp9k4HABzoNyNVfHRnRD7NcEKSvIQaVg3MYsDnv5IBLPWibVoGMxpC3nFuhTNoOPv0y8vAwTVgOxQCjVxclRzBrjkTNQoDHgU2hPpHobDF322eiv_nYbto4f2wlTmcpnfcBFlNZrb3POusPkJDsuesuRazcuiXHFHe1evuRQyefJNwQsjoixfk35M-S0VAaEFiuhd6VofBXualDOvXXHcSmNBWauZhIXdEA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://touhidshaikh.com/blog/category/post-exploit/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 03:16:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| theChampLoadEvent string| theChampDefaultLang string| theChampCloseIconPath string| theChampSiteUrl number| theChampVerified number| theChampEmailPopup string| theChampFBKey string| theChampFBLang number| theChampFbLikeMycred number| theChampSsga number| theChampCommentNotification number| theChampHeateorFcmRecentComments number| theChampFbIosLogin string| theChampFBCommentUrl string| theChampFBCommentColor string| theChampFBCommentNumPosts string| theChampFBCommentWidth string| theChampFBCommentOrderby string| theChampCommentingTabs string| theChampGpCommentsUrl string| theChampDisqusShortname string| theChampScEnabledTabs string| theChampScLabel object| theChampScTabLabels number| theChampGpCommentsWidth string| theChampCommentingId string| theChampSharingAjaxUrl string| heateorSsFbMessengerAPI string| heateorSsWhatsappShareAPI object| heateorSsUrlCountFetched string| heateorSsSharesText string| heateorSsShareText string| theChampPluginIconPath number| theChampHorizontalSharingCountEnable number| theChampVerticalSharingCountEnable number| theChampSharingOffset number| theChampCounterOffset number| theChampMobileStickySharingEnabled string| heateorSsCopyLinkMessage string| heateorSsHorSharingShortUrl string| heateorSsVerticalSharingShortUrl object| adsbygoogle string| GoogleAnalyticsObject function| ga object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots undefined| $ function| jQuery function| google_spfd object| google_sv_map boolean| _gfp_p_ number| google_lpabyc number| google_unique_id object| ct_author_objectL10n object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| 
Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| theChampPopup function| theChampStrReplace function| theChampCallAjax function| theChampGetScript function| theChampGetElementsByClass function| theChampGetCookie object| twemoji object| wp function| theChampInitiateFB function| fbAsyncInit object| FB function| theChampRenderFBCommenting function| heateorSsDetermineWhatsappShareAPI function| theChampMoreSharingPopup function| theChampFilterSharing object| heateorSsFacebookTargetUrls function| theChampGetSharingCounts function| theChampFetchFacebookShares function| theChampFBShareJSONCall function| theChampSaveFacebookShares function| theChampCalculateApproxCount function| theChampCalculateActualCount function| theChampCapitaliseFirstLetter function| theChampHideSharing object| jQuery1124023136362462706717 object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.touhidshaikh.com/ Name: _gat
Value: 1
.touhidshaikh.com/ Name: _gid
Value: GA1.2.1614280822.1595733399
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.touhidshaikh.com/ Name: _ga
Value: GA1.2.250674621.1595733399
.touhidshaikh.com/ Name: __cfduid
Value: d12eeb0d2b92a72455c2faf2a0c9b20461595733397

1 Console Messages

Source Level URL
Text
console-api log URL: https://touhidshaikh.com/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
