www.harmj0y.net Open in urlscan Pro
104.145.225.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Submission Tags: falconsandbox
Submission: On February 06 via api (February 6th 2022, 1:45:25 am UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 63 HTTP transactions. The main IP is 104.145.225.3, located in Piscataway, United States and belongs to AS-DIGITALFYRE, US. The main domain is www.harmj0y.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 17th 2021. Valid for: 3 months.

This is the only time www.harmj0y.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	104.145.225.3 104.145.225.3	64245 (AS-DIGITA...) (AS-DIGITALFYRE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
14	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
63	10

32 104.145.225.3 (Piscataway, United States) 1 redirects

ASN64245 (AS-DIGITALFYRE, US)

www.harmj0y.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	harmj0y.net 1 redirects www.harmj0y.net	878 KB
16	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1493 pbs.twimg.com — Cisco Umbrella Rank: 668 ton.twimg.com — Cisco Umbrella Rank: 5586	489 KB
9	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	214 KB
3	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1713	10 KB
2	gstatic.com fonts.gstatic.com	24 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2822 pixel.wp.com — Cisco Umbrella Rank: 2494	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
63	7

	Domain	Requested by
32	www.harmj0y.net	1 redirects www.harmj0y.net
13	pbs.twimg.com	platform.twitter.com
7	platform.twitter.com	www.harmj0y.net platform.twitter.com
3	secure.gravatar.com	www.harmj0y.net secure.gravatar.com
2	ton.twimg.com	platform.twitter.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	fonts.gstatic.com	fonts.googleapis.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	pixel.wp.com	www.harmj0y.net
1	stats.wp.com	www.harmj0y.net
1	fonts.googleapis.com	www.harmj0y.net
63	11

This site contains links to these domains. Also see Links.

Domain
twitter.com
labs.mwrinfosecurity.com
adsecurity.org
msdn.microsoft.com
powersploit.readthedocs.io
technet.microsoft.com
foxglovesecurity.com
github.com
blogs.technet.microsoft.com
medium.com
horizon.guidepointsecurity.com
syhack.wordpress.com
akismet.com
specterops.io
posts.specterops.io
felicitybrigham.com

Subject Issuer	Validity	Valid
harmj0y.net cPanel, Inc. Certification Authority	`2021-11-17` - `2022-02-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Frame ID: C28253980C1C6CADE426DA57AA7225B9
Requests: 45 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.harmj0y.net
Frame ID: 92A96570E0D099ED2453295C1F92F787
Requests: 2 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1488906828905861127/tJGzlvuH?format=jpg&name=600x314
Frame ID: 2DD2F9DAD1C43DDB473F7BC395E3F781
Requests: 20 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 4BB65EE5F281494D9DF620151456497A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

S4U2Pwnage - harmj0y Email

Page URL History Show full URLs

https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/ Page URL
https://www.harmj0y.net/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=22299768 HTTP 302
https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

63
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

11
Subdomains

10
IPs

3
Countries

1619 kB
Transfer

3402 kB
Size

1
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/harmj0y
Title: Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/tifkin_
Title: Lee Christensen

Search URL Search Domain Scan URL

URL: https://twitter.com/gentilkiwi/
Title: Benjamin Delpy

Search URL Search Domain Scan URL

URL: https://twitter.com/Meatballs__
Title: Ben Campbell

Search URL Search Domain Scan URL

URL: https://twitter.com/gentilkiwi/status/806474372785512448
Title: public conversation about the same topic

Search URL Search Domain Scan URL

URL: https://twitter.com/gentilkiwi/status/806643377278173185
Title: modification to Kekeo

Search URL Search Domain Scan URL

URL: https://labs.mwrinfosecurity.com/blog/trust-years-to-earn-seconds-to-break/
Title: excellent post

Search URL Search Domain Scan URL

URL: https://twitter.com/pyrotek3
Title: Sean Metcalf

Search URL Search Domain Scan URL

URL: https://adsecurity.org/?p=1667
Title: great post that covers it in depth

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/cc246080.aspx

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/ms680832(v=vs.85).aspx
Title: userAccountControl

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/aa772300(v=vs.85).aspx
Title: ADS_UF_TRUSTED_FOR_DELEGATION

Search URL Search Domain Scan URL

URL: http://powersploit.readthedocs.io/en/latest/Recon/Get-DomainComputer/#parameters
Title: Get-DomainComputer

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/library/cc995228.aspx
Title: There’s

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/library/jj553400(v=ws.11).aspx
Title: documentation

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/cc246072.aspx
Title: Kerberos Protocol Extensions: Service for User and Constrained Delegation Protocol

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/cc246078.aspx
Title: S4U2self

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/cc246073.aspx#gt_4c6cd79b-120d-4ee1-ab24-d1b000e0b3ca
Title: forwardable

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/cc246089.aspx
Title: PA-FOR-USER

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/cc246079.aspx
Title: S4U2proxy

Search URL Search Domain Scan URL

URL: https://foxglovesecurity.com/2016/09/26/rotten-potato-privilege-escalation-from-service-accounts-to-system/
Title: Rotten Potato

Search URL Search Domain Scan URL

URL: https://github.com/gentilkiwi/kekeo/releases
Title: Kekeo

Search URL Search Domain Scan URL

URL: https://twitter.com/gentilkiwi
Title: @gentilkiwi

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/windows/desktop/ms684190(v=vs.85).aspx
Title: privileges of the local machine account

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/ff649317.aspx
Title: helpfully provided by Microsoft

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/ff649317.aspx#paght000024_step1
Title: As detailed by Microsoft

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/library/cc976700.aspx
Title: SeTcbPrivilege

Search URL Search Domain Scan URL

URL: https://blogs.technet.microsoft.com/poshchap/2015/05/01/security-focus-analysing-account-is-sensitive-and-cannot-be-delegated-for-privileged-accounts/
Title: Account is sensitive and cannot be delegated

Search URL Search Domain Scan URL

URL: https://medium.com/@harmj0y/s4u2pwnage-36efe1a2777c
Title: Medium

Search URL Search Domain Scan URL

URL: https://horizon.guidepointsecurity.com/tutorials/delegating-like-a-boss-abusing-kerberos-delegation-in-active-directory/
Title: Delegating Like a Boss: Abusing Kerberos Delegation in Active Directory | GuidePoint Security : Horizon

Search URL Search Domain Scan URL

URL: https://syhack.wordpress.com/2019/10/01/active-directory-kill-chain-attack-101/
Title: Active Directory Kill Chain Attack 101 – syhack

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: https://specterops.io/

Search URL Search Domain Scan URL

URL: https://github.com/harmj0y

Search URL Search Domain Scan URL

URL: https://posts.specterops.io/

Search URL Search Domain Scan URL

URL: http://felicitybrigham.com/
Title: Felicity Brigham Design

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/ Page URL
https://www.harmj0y.net/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=22299768 HTTP 302
https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

63 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.harmj0y.net/blog/activedirectory/s4u2pwnage/ 1 KB
2 KB 318ms
96ms Document
text/html 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 7801f4fcb7bfe2e5e689915795b9149ae42e30f92fa45dc579d84e476cfe7860

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 06 Feb 2022 01:45:08 GMT
content-type: text/html
server: imunify360-webshield/1.18
last-modified: Sunday, 06-Feb-2022 01:45:08 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache: no-cache

GET
H2

200

Primary Request / Show response
www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Redirect Chain

https://www.harmj0y.net/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=22299768
https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/

141 KB
30 KB

195ms
194ms

Document
text/html

104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),

Reverse DNS

Software

imunify360-webshield/1.18 / PHP/7.0.33

Resource Hash

0dbaae4cc3da0301c716b6e23724988d608c91b5d552a73356ce449359d3dc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff,nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/

Response headers

date: Sun, 06 Feb 2022 01:45:08 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.33
x-pingback: https://www.harmj0y.net/blog/xmlrpc.php
link: <https://www.harmj0y.net/blog/wp-json/>; rel="https://api.w.org/" <https://www.harmj0y.net/blog/wp-json/wp/v2/posts/3537>; rel="alternate"; type="application/json" <https://wp.me/p4qDDn-V3>; rel=shortlink
etag: "968147-1644106753;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding,User-Agent
pragma: public
cache-control: public, must-revalidate, proxy-revalidate,public, must-revalidate, proxy-revalidate
x-content-type-options: nosniff,nosniff
x-turbo-charged-by: LiteSpeed
server: imunify360-webshield/1.18

Redirect headers

date: Sun, 06 Feb 2022 01:45:08 GMT
content-type: text/html
content-length: 142
location: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
server: imunify360-webshield/1.18

GET
H2 200 crayon.min.css
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/css/min/ 20 KB
4 KB 101ms
101ms Stylesheet
text/css 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css?ver=_2.7.2_beta
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Wed, 11 May 2016 01:41:40 GMT
server: imunify360-webshield/1.18
etag: "4ecc-57328dd4-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3724
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 classic.css
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/themes/classic/ 4 KB
1 KB 112ms
111ms Stylesheet
text/css 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css?ver=_2.7.2_beta
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Wed, 11 May 2016 01:41:40 GMT
server: imunify360-webshield/1.18
etag: "1110-57328dd4-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 672
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 monaco.css
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/fonts/ 529 B
697 B 112ms
112ms Stylesheet
text/css 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Wed, 11 May 2016 01:41:40 GMT
server: imunify360-webshield/1.18
etag: "211-57328dd4-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 212
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 main.min.css
www.harmj0y.net/blog/wp-content/themes/astra/assets/css/minified/ 41 KB
8 KB 113ms
112ms Stylesheet
text/css 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.6.6
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: be10d81e5cf62f6d5befd410c3ccd9c568d298c2185833c515967589a4d67ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 18:26:47 GMT
server: imunify360-webshield/1.18
etag: "a5ba-61004fe7-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 8005
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 135ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C%7COxanium%3A400%2C&display=fallback&ver=3.6.6

Requested by

Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

367e2f588e254d788be8e242a776f1c3d26b98c3540a989568f43a545d725ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 01:45:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Feb 2022 01:45:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Feb 2022 01:45:11 GMT

GET
H2 200 style.min.css
www.harmj0y.net/blog/wp-includes/css/dist/block-library/ 79 KB
10 KB 112ms
112ms Stylesheet
text/css 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 18:11:46 GMT
server: imunify360-webshield/1.18
etag: "13abe-61004c62-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 9960
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
www.harmj0y.net/blog/wp-includes/js/mediaelement/ 11 KB
3 KB 111ms
110ms Stylesheet
text/css 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Mon, 10 May 2021 18:19:47 GMT
server: imunify360-webshield/1.18
etag: "2bf8-60997943-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 2394
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 wp-mediaelement.min.css
www.harmj0y.net/blog/wp-includes/js/mediaelement/ 4 KB
1 KB 204ms
203ms Stylesheet
text/css 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.3
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Tue, 03 Dec 2019 05:48:56 GMT
server: imunify360-webshield/1.18
etag: "105a-5de5f748-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 982
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 734e5f942.min.css
www.harmj0y.net/blog/wp-content/uploads/essential-addons-elementor/ 329 KB
39 KB 204ms
202ms Stylesheet
text/css 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1644106753
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: e5941d48b4cb371b5f5a7a5cf0b2799ba23714314f39799571ca6b725a0c89c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Tue, 11 May 2021 00:34:25 GMT
server: imunify360-webshield/1.18
etag: "52373-6099d111-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 39666
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 default.min.css
www.harmj0y.net/blog/wp-content/plugins/tablepress/css/ 5 KB
2 KB 204ms
203ms Stylesheet
text/css 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Wed, 21 Jul 2021 01:06:38 GMT
server: imunify360-webshield/1.18
etag: "13e4-60f7731e-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 2016
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 jetpack.css
www.harmj0y.net/blog/wp-content/plugins/jetpack/css/ 86 KB
16 KB 204ms
203ms Stylesheet
text/css 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/plugins/jetpack/css/jetpack.css?ver=10.6
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Wed, 02 Feb 2022 08:06:52 GMT
server: imunify360-webshield/1.18
etag: "15784-61fa3b9c-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 16057
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 jquery.min.js Show response
www.harmj0y.net/blog/wp-includes/js/jquery/ 87 KB
30 KB 204ms
203ms Script
application/javascript 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 18:11:46 GMT
server: imunify360-webshield/1.18
etag: "15db1-61004c62-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30273
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.harmj0y.net/blog/wp-includes/js/jquery/ 11 KB
4 KB 204ms
204ms Script
application/javascript 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Mon, 10 May 2021 18:19:47 GMT
server: imunify360-webshield/1.18
etag: "2bd8-60997943-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3995
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 crayon.min.js Show response
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/js/min/ 22 KB
7 KB 204ms
204ms Script
application/javascript 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js?ver=_2.7.2_beta
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Wed, 11 May 2016 01:41:40 GMT
server: imunify360-webshield/1.18
etag: "5741-57328dd4-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6461
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 Union-120x38.png
www.harmj0y.net/blog/wp-content/uploads/2021/05/ 2 KB
3 KB 188ms
187ms Image
image/png 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harmj0y.net/blog/wp-content/uploads/2021/05/Union-120x38.png
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 9a197448b02f5190c3bf230430e42f7d9ce5d6357c711f4d57c7e1077d581730

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Tue, 08 Jun 2021 15:53:14 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2305
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.harmj0y.net/blog/wp-includes/js/ 18 KB
5 KB 189ms
188ms Script
application/javascript 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 18:11:46 GMT
server: imunify360-webshield/1.18
etag: "4705-61004c62-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4539
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 comment-reply.min.js Show response
www.harmj0y.net/blog/wp-includes/js/ 3 KB
2 KB 96ms
96ms Script
application/javascript 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-includes/js/comment-reply.min.js?ver=5.8.3
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Mon, 10 May 2021 18:19:47 GMT
server: imunify360-webshield/1.18
etag: "ba8-60997943-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1228
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 frontend.min.js Show response
www.harmj0y.net/blog/wp-content/themes/astra/assets/js/minified/ 16 KB
4 KB 111ms
111ms Script
application/javascript 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.6.6
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 73055d8272f3a7987c4fceae38084d54996bfb29360f45ac01b06510b10be987

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 18:26:47 GMT
server: imunify360-webshield/1.18
etag: "41a4-61004fe7-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3730
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 734e5f942.min.js Show response
www.harmj0y.net/blog/wp-content/uploads/essential-addons-elementor/ 796 KB
183 KB 110ms
108ms Script
application/javascript 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1644106753
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: bf807ef637bf4fb727e0ce4fcd0bd6135cc58deb869eb423db85a1c2a4f2e52f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Tue, 11 May 2021 00:34:25 GMT
server: imunify360-webshield/1.18
etag: "c6fd0-6099d111-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 186831
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 gprofiles.js Show response
secure.gravatar.com/js/ 23 KB
7 KB 27ms
6ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/js/gprofiles.js?ver=202205
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:11 GMT
content-encoding: br
last-modified: Thu, 02 Apr 2020 15:50:36 GMT
server: nginx
etag: W/"5e8609cc-5dea"
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 13 Feb 2022 01:45:11 GMT

GET
H2 200 wpgroho.js Show response
www.harmj0y.net/blog/wp-content/plugins/jetpack/modules/ 2 KB
1 KB 188ms
186ms Script
application/javascript 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/plugins/jetpack/modules/wpgroho.js?ver=10.6
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Wed, 02 Feb 2022 08:06:53 GMT
server: imunify360-webshield/1.18
etag: "7a1-61fa3b9d-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 731
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 twitter-timeline.min.js Show response
www.harmj0y.net/blog/wp-content/plugins/jetpack/_inc/build/ 270 B
595 B 188ms
187ms Script
application/javascript 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 3688a29bbda548acee73eb4383de2cfe65fee84e27fe7d2bccb7d670f697fa18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
last-modified: Wed, 02 Feb 2022 08:06:52 GMT
server: imunify360-webshield/1.18
etag: "10e-61fa3b9c-0;;;"
vary: User-Agent,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 270
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 wp-embed.min.js Show response
www.harmj0y.net/blog/wp-includes/js/ 1 KB
1016 B 189ms
187ms Script
application/javascript 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Mon, 10 May 2021 18:19:47 GMT
server: imunify360-webshield/1.18
etag: "592-60997943-0;br"
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800,public, must-revalidate, proxy-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 663
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 e-202205.js Show response
stats.wp.com/ 9 KB
3 KB 22ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202205.js
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn
date: Sun, 06 Feb 2022 01:45:11 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 22 Jan 2023 23:29:03 GMT

GET
H2 200 buttons.png
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/css/images/toolbar/ 2 KB
2 KB 177ms
176ms Image
image/png 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/css/images/toolbar/buttons.png
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css?ver=_2.7.2_beta
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 630d0a3cc8f4c4aa7bf49b40ae6f59f3a137707e0d7bba46ba44e2e5f2c53aab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css?ver=_2.7.2_beta
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:08 GMT
content-encoding: br
last-modified: Wed, 11 May 2016 01:41:40 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1836
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 RrQPboN_4yJ0JmiMUW7sIGjd1IA9G81JfkiLD3U.woff2
fonts.gstatic.com/s/oxanium/v12/ 8 KB
8 KB 148ms
50ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxanium/v12/RrQPboN_4yJ0JmiMUW7sIGjd1IA9G81JfkiLD3U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C%7COxanium%3A400%2C&display=fallback&ver=3.6.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b2b9b21bbe89adeaf68680f63f76e63b6e415cf5889842e3f0ac58f16e777a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.harmj0y.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 14:16:32 GMT
x-content-type-options: nosniff
age: 214119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8044
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 03 Feb 2023 14:16:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 137ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C%7COxanium%3A400%2C&display=fallback&ver=3.6.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.harmj0y.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 143828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 09:48:03 GMT

GET
H2 200 monaco-webfont.woff
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/ 21 KB
21 KB 138ms
137ms Font
font/woff 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/monaco-webfont.woff
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567

Request headers

Referer: https://www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta
Origin: https://www.harmj0y.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:09 GMT
last-modified: Wed, 11 May 2016 01:41:40 GMT
server: imunify360-webshield/1.18
vary: User-Agent
content-type: font/woff
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 21372

GET
H2 200 seriously.jpg
www.harmj0y.net/blog/wp-content/uploads/2017/01/ 98 KB
98 KB 114ms
113ms Image
image/jpeg 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harmj0y.net/blog/wp-content/uploads/2017/01/seriously.jpg
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: fdbd05132493cc939aedf5fcc2ea38771b70fd21a5ea561d82446526354d385e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:09 GMT
content-encoding: br
last-modified: Thu, 05 Jan 2017 06:37:02 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 99852
expires: Sun, 13 Feb 2022 01:45:08 GMT

GET
H2 200 delegation_forwarded_tgt.png
www.harmj0y.net/blog/wp-content/uploads/2016/12/ 33 KB
33 KB 132ms
131ms Image
image/png 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harmj0y.net/blog/wp-content/uploads/2016/12/delegation_forwarded_tgt.png
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 7f04bb187a91cedcf1d8b45f0bc365a1df7d3ae424b2e26441b5383353f67961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:09 GMT
content-encoding: br
last-modified: Sun, 18 Dec 2016 23:12:03 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 33427
expires: Sun, 13 Feb 2022 01:45:09 GMT

GET
H2 200 get_domaincomputer_unconstrained-768x399.png
www.harmj0y.net/blog/wp-content/uploads/2016/12/ 114 KB
113 KB 211ms
210ms Image
image/png 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harmj0y.net/blog/wp-content/uploads/2016/12/get_domaincomputer_unconstrained-768x399.png
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 3a4a2642411fd5e8dbd7a0e4b200c2ccfc5d7fa3ae321349acb609deba47f727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:09 GMT
content-encoding: br
last-modified: Sun, 18 Dec 2016 23:52:51 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 114888
expires: Sun, 13 Feb 2022 01:45:09 GMT

GET
H2 200 sqlservice_delegation_properties-768x1021.png
www.harmj0y.net/blog/wp-content/uploads/2016/12/ 197 KB
194 KB 137ms
137ms Image
image/png 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harmj0y.net/blog/wp-content/uploads/2016/12/sqlservice_delegation_properties-768x1021.png
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: bad92e9b7b47ef8ebc60c0faaec54068f73291eb220f8afb01769c1ec5137681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:09 GMT
content-encoding: br
last-modified: Mon, 19 Dec 2016 00:30:57 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 198096
expires: Sun, 13 Feb 2022 01:45:09 GMT

GET
H2 200 sqlservice_delegation_powerview-768x365.png
www.harmj0y.net/blog/wp-content/uploads/2016/12/ 52 KB
52 KB 209ms
209ms Image
image/png 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harmj0y.net/blog/wp-content/uploads/2016/12/sqlservice_delegation_powerview-768x365.png
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: imunify360-webshield/1.18 /
Resource Hash: 84a03d2a7abfcb98fa73ae6df99a252f1a1a65637ee30436ba6ce1e153f2a199

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:09 GMT
content-encoding: br
last-modified: Mon, 19 Dec 2016 00:32:37 GMT
server: imunify360-webshield/1.18
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 52528
expires: Sun, 13 Feb 2022 01:45:09 GMT

GET
H3-Q050 200 SO-logo-300x119.png
www.harmj0y.net/blog/wp-content/uploads/2021/06/ 8 KB
8 KB 104ms
102ms Image
image/png 104.145.225.3
AS-DIGITALFYRE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.harmj0y.net/blog/wp-content/uploads/2021/06/SO-logo-300x119.png
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 104.145.225.3 Piscataway, United States, ASN64245 (AS-DIGITALFYRE, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 4a8b68ea05f8700184289a3823c6bd3781c98678e1c50bdfabaf12d44dc7f8a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:09 GMT
content-encoding: br
last-modified: Wed, 02 Jun 2021 20:58:15 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8100
expires: Sun, 13 Feb 2022 01:45:09 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 40ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 06 Feb 2022 01:45:12 GMT
Content-Encoding: gzip
Age: 164
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29179
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 20:03:56 GMT
Server: ECS (frb/6723)
Etag: "94840c3a0697481258cd2b28513e7509+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 13ms
5ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.6&blog=65454229&post=3537&tz=-5&srv=www.harmj0y.net&host=www.harmj0y.net&ref=https%3A%2F%2Fwww.harmj0y.net%2Fblog%2Factivedirectory%2Fs4u2pwnage%2F&fcp=742&rand=0.5061200115459534
Requested by: Host: www.harmj0y.net
URL: https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 06 Feb 2022 01:45:12 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 hovercard.min.css
secure.gravatar.com/dist/css/ 8 KB
2 KB 10ms
6ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/hovercard.min.css?ver=202205
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
content-encoding: br
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
server: nginx
etag: W/"5fac09d6-1e86"
content-type: text/css
cache-control: max-age=604800
expires: Sun, 13 Feb 2022 01:45:12 GMT

GET
H2 200 services.min.css
secure.gravatar.com/dist/css/ 3 KB
582 B 8ms
6ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/services.min.css?ver=202205
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
content-encoding: br
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-a54"
content-type: text/css
cache-control: max-age=604800
expires: Sun, 13 Feb 2022 01:45:12 GMT

GET
H/1.1 200
OK widget_iframe.4e067713e19d4fff483536ddc4df18b9.html Show response
platform.twitter.com/widgets/ Frame 92A9 319 KB
104 KB 13ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.harmj0y.net
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 99224
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 06 Feb 2022 01:45:12 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Tue, 01 Feb 2022 20:00:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/669E)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 92A9 232 B
447 B 136ms
120ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=fe4196e391693dd194cb3d75a75a39e1bcc4be11

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.harmj0y.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 113
date: Sun, 06 Feb 2022 01:45:11 GMT
content-encoding: gzip
last-modified: Sun, 06 Feb 2022 01:45:12 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: fa519e32badd0b0e59d6e990ba6c1bb9e65402742325629a0a331e10c72f0a66
content-length: 166

GET
H/1.1 200
OK moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js Show response
platform.twitter.com/js/ 25 KB
8 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 06 Feb 2022 01:45:12 GMT
Content-Encoding: gzip
Age: 99224
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 8012
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 19:59:51 GMT
Server: ECS (frb/6738)
Etag: "3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.34cf38a85ac899f1d6a0438a1659decc.js Show response
platform.twitter.com/js/ 20 KB
7 KB 15ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 06 Feb 2022 01:45:12 GMT
Content-Encoding: gzip
Age: 99225
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 6444
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 19:59:51 GMT
Server: ECS (frb/6723)
Etag: "0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 39 KB
6 KB 210ms
165ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_harmj0y_old&dnt=false&domain=www.harmj0y.net&lang=en&screen_name=harmj0y&suppress_response_codes=true&t=1826791&tweet_limit=5&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

703fdf7e62d29127444fb018a55500bee9c0e1a452c8aebf6de68f071c3d6364

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=159
content-length: 5572
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 145
last-modified: Sun, 06 Feb 2022 01:45:12 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 1372fbca9bbf4c4086d9e87f1efe28ec3af82b53d117f4acad646812e1a11779
timing-allow-origin: *
x-transaction: e1171657ac94d64a
expires: Sun, 06 Feb 2022 01:50:12 GMT

GET
H2 200 tJGzlvuH
pbs.twimg.com/card_img/1488906828905861127/ Frame 2DD2 28 KB
28 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1488906828905861127/tJGzlvuH?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

1014e513c7c78de0a629ec8a1f8206504392bd9818e6b9a11f930fbfb5943654

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 291034
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 28416
x-response-time: 268
surrogate-key: card_img card_img/bucket/1 card_img/1488906828905861127
last-modified: Wed, 02 Feb 2022 16:05:05 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8fc8e2c7228dfcc06803196d186dd4fa0d5ee63012673d5d6293179b414485ff
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HTtPdu2r
pbs.twimg.com/card_img/1489282717904617475/ Frame 2DD2 757 B
1 KB 8ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1489282717904617475/HTtPdu2r?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

12e8e203630026ac35d5bde6484267ae0bbec86bc848c4a53f37cb8393eea193

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 203879
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 757
x-response-time: 130
surrogate-key: card_img card_img/bucket/6 card_img/1489282717904617475
last-modified: Thu, 03 Feb 2022 16:58:44 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2ba3bdb9684de0a762e7ea7f9317cc8dc3a7740bc671b05527bb308a80685250
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
platform.twitter.com/css/ Frame 2DD2 53 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 32ae1222c34ac8d4ca2dcd6455e4b25c789515cbc05291c565dc49c64c21675e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 06 Feb 2022 01:45:12 GMT
Content-Encoding: gzip
Age: 99224
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12179
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 19:59:44 GMT
Server: ECS (frb/6796)
Etag: "436682de2fd3039cb30ca50d238371c0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 06 Feb 2022 01:45:12 GMT
Content-Encoding: gzip
Age: 99224
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12179
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 19:59:44 GMT
Server: ECS (frb/6796)
Etag: "436682de2fd3039cb30ca50d238371c0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 tJGzlvuH
pbs.twimg.com/card_img/1488906828905861127/ Frame 2DD2 28 KB
28 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1488906828905861127/tJGzlvuH?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

1014e513c7c78de0a629ec8a1f8206504392bd9818e6b9a11f930fbfb5943654

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 291034
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 28416
x-response-time: 268
surrogate-key: card_img card_img/bucket/1 card_img/1488906828905861127
last-modified: Wed, 02 Feb 2022 16:05:05 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8fc8e2c7228dfcc06803196d186dd4fa0d5ee63012673d5d6293179b414485ff
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HTtPdu2r
pbs.twimg.com/card_img/1489282717904617475/ Frame 2DD2 757 B
847 B 7ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1489282717904617475/HTtPdu2r?format=png&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

12e8e203630026ac35d5bde6484267ae0bbec86bc848c4a53f37cb8393eea193

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 203879
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 757
x-response-time: 130
surrogate-key: card_img card_img/bucket/6 card_img/1489282717904617475
last-modified: Thu, 03 Feb 2022 16:58:44 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2ba3bdb9684de0a762e7ea7f9317cc8dc3a7740bc671b05527bb308a80685250
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HBkrd7yc_normal.jpg
pbs.twimg.com/profile_images/1376219130722836480/ Frame 2DD2 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1376219130722836480/HBkrd7yc_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

cd5780444eb23e4d5d5cd3728f4df5f8968ce6f70f6741977d37ab95edf73f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 563942
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2111
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/7 profile_images/1376219130722836480
last-modified: Sun, 28 Mar 2021 17:04:24 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ba074f96bdf955ea908c67e49e50eae84904eb046aa575e59624036fdbee6662
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 dG9Y4RhK_normal.jpg
pbs.twimg.com/profile_images/883033419827032065/ Frame 2DD2 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/883033419827032065/dG9Y4RhK_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) /

Resource Hash

2192a8a11b3b0968c13f8933c5fdb91355f5584681429d76567cdbd4eda32fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 495154
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2263
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/8 profile_images/883033419827032065
last-modified: Thu, 06 Jul 2017 18:40:27 GMT
server: ECS (frb/67C2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b2771c5199f0cbd1e24fffa3d9e9d219ba345c88ee777031d80184cb035d6663
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 9YsmTOdI_normal.jpg
pbs.twimg.com/profile_images/1297211975017979904/ Frame 2DD2 3 KB
3 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1297211975017979904/9YsmTOdI_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6739) /

Resource Hash

dab45959354cf924af6a2e42c5d27d37fc04f31e89e2f727473c9266d387cde1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 505325
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2567
x-response-time: 127
surrogate-key: profile_images profile_images/bucket/6 profile_images/1297211975017979904
last-modified: Sat, 22 Aug 2020 16:38:10 GMT
server: ECS (frb/6739)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d667f547466ff3f0ac5f3cfe165a09f68e22e426ea7ebf7911262f6762c7fe90
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 iNf3tqcS_normal.jpg
pbs.twimg.com/profile_images/675777404477054976/ Frame 2DD2 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/675777404477054976/iNf3tqcS_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

715da4d45e91462b0a8222792520c98e1a232fa947be1ffdde6699103030c258

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 207146
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2111
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/8 profile_images/675777404477054976
last-modified: Sat, 12 Dec 2015 20:39:03 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 978ba5b8779b7382e4085a67538b513e3e8b6b9c52cf453fd6736600b4f3f361
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 j8CBJD3p_normal.jpg
pbs.twimg.com/profile_images/1488377771365568518/ Frame 2DD2 2 KB
3 KB 9ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1488377771365568518/j8CBJD3p_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

bc914b134aa5683a015918803cccc7c734dccff00aa50f9ad0fbd660578038a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 419978
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 2491
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/0 profile_images/1488377771365568518
last-modified: Tue, 01 Feb 2022 05:02:48 GMT
server: ECS (frb/67DF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f506b5003e69305ac57730caae87d30af368a0245d40f837a0ee9118afc60579
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FKcj5vzXwA0frVV
pbs.twimg.com/media/ Frame 2DD2 12 KB
12 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FKcj5vzXwA0frVV?format=jpg&name=360x360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

14e2d2f3e23cd433c341a6fee019662b73fd41c98cd880475fbe46e43b4a05e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 462897
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 11946
x-response-time: 171
surrogate-key: media media/bucket/5 media/1488197676860686349
last-modified: Mon, 31 Jan 2022 17:07:10 GMT
server: ECS (frb/6793)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 95653ff19b1a37a141bfba85f278d8de2417725567347a21d424f6284f4e118c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FKbfcsyXMAMd6Hl
pbs.twimg.com/media/ Frame 2DD2 321 KB
321 KB 8ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FKbfcsyXMAMd6Hl?format=png&name=small

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

f8a65ae3938f08a0bee4443592952d206fcb684a1851cdf6d879f3630f01d802

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 480891
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 328715
x-response-time: 220
surrogate-key: media media/bucket/0 media/1488122411044253699
last-modified: Mon, 31 Jan 2022 12:08:05 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dca7bed6b9447182febacd4d32f87beb622c8b49d79b425a96a39a86abd34977
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 2DD2 44 KB
7 KB 100ms
7ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224228
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 6e2650a45a341ddcba3ee4032e2fcd8aa74f38bf155a7de73f7a85300f4ddc39
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sun, 13 Feb 2022 01:45:12 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 103ms
10ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.harmj0y.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224228
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 6e2650a45a341ddcba3ee4032e2fcd8aa74f38bf155a7de73f7a85300f4ddc39
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sun, 13 Feb 2022 01:45:12 GMT

GET
DATA 200
OK truncated
/ Frame 2DD2 503 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aac05095d40ef0103466fa75159c0fcc72baf7f2ec1335e20d0ca05b7fdc919d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2DD2 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2DD2 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2DD2 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2DD2 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 tJGzlvuH
pbs.twimg.com/card_img/1488906828905861127/ Frame 2DD2 28 KB
28 KB 9ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1488906828905861127/tJGzlvuH?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

1014e513c7c78de0a629ec8a1f8206504392bd9818e6b9a11f930fbfb5943654

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 291034
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 28416
x-response-time: 268
surrogate-key: card_img card_img/bucket/1 card_img/1488906828905861127
last-modified: Wed, 02 Feb 2022 16:05:05 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8fc8e2c7228dfcc06803196d186dd4fa0d5ee63012673d5d6293179b414485ff
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HTtPdu2r
pbs.twimg.com/card_img/1489282717904617475/ Frame 2DD2 757 B
976 B 7ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1489282717904617475/HTtPdu2r?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

12e8e203630026ac35d5bde6484267ae0bbec86bc848c4a53f37cb8393eea193

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 01:45:12 GMT
x-content-type-options: nosniff
age: 203879
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 757
x-response-time: 130
surrogate-key: card_img card_img/bucket/6 card_img/1489282717904617475
last-modified: Thu, 03 Feb 2022 16:58:44 GMT
server: ECS (frb/67BA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2ba3bdb9684de0a762e7ea7f9317cc8dc3a7740bc671b05527bb308a80685250
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 4BB6
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
634 B

7ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.harmj0y.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 99225
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 06 Feb 2022 01:45:13 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 01 Feb 2022 20:03:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Sun, 06 Feb 2022 01:45:13 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sun, 06 Feb 2022 01:45:13 GMT
x-transaction: ee5fab03999bbbdb
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 122
x-connection-hash: fa519e32badd0b0e59d6e990ba6c1bb9e65402742325629a0a331e10c72f0a66

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.harmj0y.net/	1970-01-20 01:25:03	Name: wschkid Value: c5d58449a0d774354343c6d9fb908816216ed5ef.1644198308.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.syndication.twimg.com
fonts.googleapis.com
fonts.gstatic.com
pbs.twimg.com
pixel.wp.com
platform.twitter.com
secure.gravatar.com
stats.wp.com
syndication.twitter.com
ton.twimg.com
www.harmj0y.net
104.145.225.3
104.244.42.136
192.0.76.3
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:803::2003
2a00:1450:4001:812::200a
2a04:fa87:fffe::c000:4902
01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0dbaae4cc3da0301c716b6e23724988d608c91b5d552a73356ce449359d3dc3e
1014e513c7c78de0a629ec8a1f8206504392bd9818e6b9a11f930fbfb5943654
1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22
12e8e203630026ac35d5bde6484267ae0bbec86bc848c4a53f37cb8393eea193
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14e2d2f3e23cd433c341a6fee019662b73fd41c98cd880475fbe46e43b4a05e5
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479
2192a8a11b3b0968c13f8933c5fdb91355f5584681429d76567cdbd4eda32fed
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
32ae1222c34ac8d4ca2dcd6455e4b25c789515cbc05291c565dc49c64c21675e
367e2f588e254d788be8e242a776f1c3d26b98c3540a989568f43a545d725ad6
3688a29bbda548acee73eb4383de2cfe65fee84e27fe7d2bccb7d670f697fa18
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2
3a4a2642411fd5e8dbd7a0e4b200c2ccfc5d7fa3ae321349acb609deba47f727
46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
4a8b68ea05f8700184289a3823c6bd3781c98678e1c50bdfabaf12d44dc7f8a6
4b2b9b21bbe89adeaf68680f63f76e63b6e415cf5889842e3f0ac58f16e777a4
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
630d0a3cc8f4c4aa7bf49b40ae6f59f3a137707e0d7bba46ba44e2e5f2c53aab
703fdf7e62d29127444fb018a55500bee9c0e1a452c8aebf6de68f071c3d6364
715da4d45e91462b0a8222792520c98e1a232fa947be1ffdde6699103030c258
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73055d8272f3a7987c4fceae38084d54996bfb29360f45ac01b06510b10be987
7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af
7801f4fcb7bfe2e5e689915795b9149ae42e30f92fa45dc579d84e476cfe7860
7f04bb187a91cedcf1d8b45f0bc365a1df7d3ae424b2e26441b5383353f67961
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84a03d2a7abfcb98fa73ae6df99a252f1a1a65637ee30436ba6ce1e153f2a199
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
9a197448b02f5190c3bf230430e42f7d9ce5d6357c711f4d57c7e1077d581730
9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
aac05095d40ef0103466fa75159c0fcc72baf7f2ec1335e20d0ca05b7fdc919d
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bad92e9b7b47ef8ebc60c0faaec54068f73291eb220f8afb01769c1ec5137681
bc914b134aa5683a015918803cccc7c734dccff00aa50f9ad0fbd660578038a7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be10d81e5cf62f6d5befd410c3ccd9c568d298c2185833c515967589a4d67ab4
bf807ef637bf4fb727e0ce4fcd0bd6135cc58deb869eb423db85a1c2a4f2e52f
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708
cd5780444eb23e4d5d5cd3728f4df5f8968ce6f70f6741977d37ab95edf73f34
d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d
dab45959354cf924af6a2e42c5d27d37fc04f31e89e2f727473c9266d387cde1
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7
e5941d48b4cb371b5f5a7a5cf0b2799ba23714314f39799571ca6b725a0c89c2
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f8a65ae3938f08a0bee4443592952d206fcb684a1851cdf6d879f3630f01d802
fdbd05132493cc939aedf5fcc2ea38771b70fd21a5ea561d82446526354d385e

www.harmj0y.net Open in urlscan Pro 104.145.225.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

67 %IPv6

7 Domains

11 Subdomains

10 IPs

3 Countries

1619 kBTransfer

3402 kBSize

1 Cookies

36 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.harmj0y.net Open in urlscan Pro
104.145.225.3 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

11
Subdomains

10
IPs

3
Countries

1619 kB
Transfer

3402 kB
Size

1
Cookies

63 HTTP transactions
5 data transactions