cqureacademy.com Open in urlscan Pro
104.198.110.226 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Submission: On November 16 via api (November 16th 2019, 2:50:54 pm UTC) from DE

Summary HTTP 144 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 27 domains to perform 144 HTTP transactions. The main IP is 104.198.110.226, located in Mountain View, United States and belongs to GOOGLE - Google LLC, US. The main domain is cqureacademy.com.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on June 20th 2019. Valid for: a year.

This is the only time cqureacademy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	104.198.110.226 104.198.110.226	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
54	94.31.29.96 94.31.29.96	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
7	104.16.21.19 104.16.21.19	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 4	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a02:26f0:6c0... 2a02:26f0:6c00:299::25eb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:30:... 2606:4700:30::6812:22a2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	151.101.113.2 151.101.113.2	54113 (FASTLY) (FASTLY - Fastly)
1	3.223.182.220 3.223.182.220	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2 7	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.202.120.185 52.202.120.185	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY - Fastly)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2a02:6ea0:cf0... 2a02:6ea0:cf04::2	60068 (CDN77) (CDN77)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4 8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER - Twitter Inc.)
8	52.34.133.113 52.34.133.113	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:215... 2600:9000:2156:ce00:a:6697:8180:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	209.170.211.179 209.170.211.179	13649 (ASN-VINS) (ASN-VINS - ViaWest)
1	104.18.166.29 104.18.166.29	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY - Fastly)
1 1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY - Fastly)
1	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY - Fastly)
1	89.187.169.79 89.187.169.79	60068 (CDN77) (CDN77)
144	38

3 104.198.110.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 226.110.198.104.bc.googleusercontent.com

cqureacademy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 94.31.29.96 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.96.IPYX-077437-ZYO.above.net

4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.21.19 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

forms.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
optassets.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:299::25eb (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6812:22a2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

load.fomo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.182.220 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-223-182-220.compute-1.amazonaws.com

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.120.185 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-202-120-185.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6ea0:cf04::2 (United Kingdom)

ASN60068 (CDN77, GB)

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 4 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.34.133.113 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-34-133-113.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ce00:a:6697:8180:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.getmoreproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.170.211.179 (Venice, United States)

ASN13649 (ASN-VINS - ViaWest, US)
PTR: mail9.ontramail.com

cqure.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.166.29 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.bufferapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States) 1 redirects

ASN54113 (FASTLY - Fastly, US)

reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.79 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: edge-540.b-cdn.net

micro-cdn.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	netdna-ssl.com 4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com	2 MB
27	sumo.com load.sumo.com sumo.com micro-cdn.sumo.com	708 KB
11	facebook.com 4 redirects www.facebook.com staticxx.facebook.com graph.facebook.com api.facebook.com	3 KB
9	googleapis.com fonts.googleapis.com ajax.googleapis.com	136 KB
8	ontraport.com forms.ontraport.com optassets.ontraport.com app.ontraport.com cqure.ontraport.com	168 KB
5	google-analytics.com 2 redirects www.google-analytics.com	42 KB
5	linkedin.com 2 redirects platform.linkedin.com px.ads.linkedin.com www.linkedin.com	57 KB
5	google.com 2 redirects www.google.com clients6.google.com	1 KB
4	facebook.net connect.facebook.net	172 KB
3	reddit.com 1 redirects alb.reddit.com reddit.com www.reddit.com	1 KB
3	twitter.com platform.twitter.com analytics.twitter.com	29 KB
3	cqureacademy.com cqureacademy.com	25 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	100 KB
2	google.de www.google.de	218 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	322 B
2	youtube.com www.youtube.com	950 B
2	quora.com a.quora.com q.quora.com	14 KB
1	pinterest.com widgets.pinterest.com	371 B
1	bufferapp.com api.bufferapp.com	535 B
1	getmoreproof.com cdn.getmoreproof.com	2 KB
1	ytimg.com s.ytimg.com	9 KB
1	t.co t.co	448 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
1	fomo.com load.fomo.com	19 KB
1	onesignal.com cdn.onesignal.com	3 KB
144	27

	Domain	Requested by
54	4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com	cqureacademy.com 4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com www.google-analytics.com
18	load.sumo.com	cqureacademy.com load.sumo.com
8	sumo.com	load.sumo.com
8	www.facebook.com	4 redirects cqureacademy.com connect.facebook.net
5	www.google-analytics.com	2 redirects www.googletagmanager.com www.google-analytics.com
5	ajax.googleapis.com	cqureacademy.com forms.ontraport.com
4	connect.facebook.net	cqureacademy.com connect.facebook.net
4	www.google.com	2 redirects cqureacademy.com www.gstatic.com
4	forms.ontraport.com	cqureacademy.com forms.ontraport.com
4	fonts.googleapis.com	cqureacademy.com ajax.googleapis.com load.sumo.com
3	cqureacademy.com	cqureacademy.com ajax.googleapis.com
2	www.linkedin.com	1 redirects load.sumo.com
2	px.ads.linkedin.com	1 redirects cqureacademy.com
2	www.google.de	cqureacademy.com
2	stats.g.doubleclick.net	2 redirects
2	www.youtube.com	cqureacademy.com www.googletagmanager.com
2	platform.twitter.com	cqureacademy.com platform.twitter.com
2	optassets.ontraport.com	cqureacademy.com www.google-analytics.com
1	micro-cdn.sumo.com
1	www.reddit.com
1	reddit.com	1 redirects
1	widgets.pinterest.com	load.sumo.com
1	clients6.google.com	load.sumo.com
1	api.facebook.com	load.sumo.com
1	graph.facebook.com	load.sumo.com
1	api.bufferapp.com	load.sumo.com
1	cqure.ontraport.com	optassets.ontraport.com
1	cdn.getmoreproof.com	cqureacademy.com
1	s.ytimg.com	www.youtube.com
1	fonts.gstatic.com	ajax.googleapis.com
1	analytics.twitter.com	static.ads-twitter.com
1	staticxx.facebook.com	connect.facebook.net
1	app.ontraport.com	forms.ontraport.com
1	www.gstatic.com	www.google.com
1	t.co	cqureacademy.com
1	snap.licdn.com	cqureacademy.com
1	static.ads-twitter.com	cqureacademy.com
1	q.quora.com	cqureacademy.com
1	www.googletagmanager.com	cqureacademy.com
1	alb.reddit.com	cqureacademy.com
1	a.quora.com	cqureacademy.com
1	load.fomo.com	cqureacademy.com
1	platform.linkedin.com	cqureacademy.com
1	cdn.onesignal.com	cqureacademy.com
144	44

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
twitter.com
github.com
telegram.me

Subject Issuer	Validity	Valid
cqureacademy.com GlobalSign Extended Validation CA - SHA256 - G3	`2019-06-20` - `2020-07-24`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-18` - `2020-02-27`	a year	crt.sh
*.ontraport.com Go Daddy Secure Certificate Authority - G2	`2019-10-23` - `2020-11-21`	a year	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-11` - `2020-04-18`	6 months	crt.sh
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2018-07-11` - `2020-07-15`	2 years	crt.sh
sni149738.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-26` - `2020-04-03`	6 months	crt.sh
quora.com Let's Encrypt Authority X3	`2019-10-25` - `2020-01-23`	3 months	crt.sh
alb.reddit.com Amazon	`2019-05-20` - `2020-06-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.quora.com Let's Encrypt Authority X3	`2019-09-30` - `2019-12-29`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.sumo.com Go Daddy Secure Certificate Authority - G2	`2018-11-17` - `2020-01-16`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.getmoreproof.com Amazon	`2018-01-22` - `2019-02-22`	a year	crt.sh
cqure.ontraport.com Let's Encrypt Authority X3	`2019-10-05` - `2020-01-03`	3 months	crt.sh
api.bufferapp.com DigiCert SHA2 Secure Server CA	`2018-07-11` - `2020-07-15`	2 years	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2018-05-30` - `2020-09-01`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh

This page contains 7 frames:

Primary Page: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Frame ID: F3C18A24E55135A2C46F6790A08F47C5
Requests: 151 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ctLVMi1_zBc?rel=0&showinfo=0
Frame ID: C3A1275D262839A94D1EB454E2543FEB
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 0BC6B8FB1EA4683907ECD453403A45F9
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=https%3A%2F%2Fcqureacademy.com
Frame ID: 9F443C380461858ACEC308BDDE6C6706
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df106ad49e7cff7c%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&sdk=joey&version=v2.6&width=550
Frame ID: 408A4D65485D25EBCE19FC0C93A4E44A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df8fadabd33d2dc%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&numposts=5&sdk=joey&version=v2.6
Frame ID: 6F165CF659AA0EFBEEC04DAFC18C34FD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&co=aHR0cHM6Ly9jcXVyZWFjYWRlbXkuY29tOjQ0Mw..&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=9lyws9be28it
Frame ID: EF15B2BBCB3AD4E53927C26AA2B6BA13
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

144
Requests

99 %
HTTPS

59 %
IPv6

27
Domains

44
Subdomains

38
IPs

6
Countries

3079 kB
Transfer

8574 kB
Size

19
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/CQURE/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CQUREAcademy

Search URL Search Domain Scan URL

URL: https://twitter.com/cqureacademy

Search URL Search Domain Scan URL

URL: https://github.com/CoreSecurity/impacket
Title: >>Download Tools for SMB Relay Attack<<

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Reading+about+SMB+Relay+Attack&via=cqureacademy&related=cqureacademy&url=https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Title: Reading about SMB Relay Attack

Search URL Search Domain Scan URL

URL: https://telegram.me/cqure
Title: Telegram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=368491064&t=pageview&_s=1&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&ul=en-us&de=UTF-8&dt=Server%20Message%20Block%3A%20SMB%20Relay%20Attack%20(Attack%20That%20Always%20Works)%20%7C%20CQURE%20Academy&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAEALQ~&jid=1630730735&gjid=1881358303&cid=303054163.1573915838&tid=UA-80845917-1&_gid=469899587.1573915838&_r=1&gtm=2wgav35BK3X4&z=1321987430 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_gid=469899587.1573915838&gjid=1881358303&_v=j79&z=1321987430 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_v=j79&z=1321987430 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_v=j79&z=1321987430&slf_rd=1&random=1645506062

Request Chain 85

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&time=1573915838094 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D29329%26url%3Dhttps%253A%252F%252Fcqureacademy.com%252Fblog%252Fpenetration-testing%252Fsmb-relay-attack%26time%3D1573915838094%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&time=1573915838094&liSync=true

Request Chain 100

https://www.facebook.com/v2.6/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df106ad49e7cff7c%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&sdk=joey&version=v2.6&width=550 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df106ad49e7cff7c%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&sdk=joey&version=v2.6&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df106ad49e7cff7c%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&sdk=joey&version=v2.6&width=550

Request Chain 101

https://www.facebook.com/v2.6/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df8fadabd33d2dc%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&numposts=5&sdk=joey&version=v2.6 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df8fadabd33d2dc%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&numposts=5&sdk=joey&version=v2.6 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df8fadabd33d2dc%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&numposts=5&sdk=joey&version=v2.6

Request Chain 136

https://reddit.com/button_info.json?url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&jsonp=jQuery110208136248744252663_1573915838264&_=1573915838265 HTTP 301
https://www.reddit.com/button_info.json?url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&jsonp=jQuery110208136248744252663_1573915838264&_=1573915838265

Request Chain 155

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=368491064&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&ul=en-us&de=UTF-8&dt=Server%20Message%20Block%3A%20SMB%20Relay%20Attack%20(Attack%20That%20Always%20Works)%20%7C%20CQURE%20Academy&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=time&ea=no%20baunce%20rate&el=10s&_u=aGDACEALR~&jid=786457979&gjid=370877583&cid=1747239934.1573915848&tid=UA-80845917-1&_gid=2069087816.1573915848&_r=1&gtm=2wgav35BK3X4&z=2080909965 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80845917-1&cid=1747239934.1573915848&jid=786457979&_gid=2069087816.1573915848&gjid=370877583&_v=j79&z=2080909965 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1747239934.1573915848&jid=786457979&_v=j79&z=2080909965 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1747239934.1573915848&jid=786457979&_v=j79&z=2080909965&slf_rd=1&random=2056591205

144 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request smb-relay-attack Show response
cqureacademy.com/blog/penetration-testing/ 78 KB
19 KB 742ms
161ms Document
text/html 104.198.110.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.198.110.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 226.110.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 275fe7d757e1f7060357961110754bc56200b2eec0aece2ae009a3827131e170

Request headers

:method: GET
:authority: cqureacademy.com
:scheme: https
:path: /blog/penetration-testing/smb-relay-attack
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
date: Sat, 16 Nov 2019 14:50:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
link: <https://cqureacademy.com/wp-json/>; rel="https://api.w.org/" <https://cqureacademy.com/?p=521>; rel=shortlink
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-pass-why
x-cache-group: normal
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 1 KB
495 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

5740666b44e1a8b08bc837088100fd26ed47d8af036f0ee9b987a4e154c2d4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 16 Nov 2019 14:50:37 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sat, 16 Nov 2019 14:50:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 16 Nov 2019 14:50:37 GMT

GET
H2 200 style.min.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/ 29 KB
5 KB 35ms
6ms Stylesheet
text/css 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Mon, 22 Apr 2019 12:40:04 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5cbdb624-726f"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 14 KB
3 KB 35ms
6ms Stylesheet
text/css 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.3.0
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e2210d6ac94a06c7a1f14dff4babd1971a6a45e0f8691e807d0df8c595a8137f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:05 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5da49f45-3989"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 styles.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/click-to-tweet-by-todaymade/assets/css/ 3 KB
993 B 36ms
7ms Stylesheet
text/css 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/click-to-tweet-by-todaymade/assets/css/styles.css?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a7260c89998dba51ffa677ea4292848fa9a3d364b013cb5ed5808976b42e02ec

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 11 Dec 2018 09:59:01 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5c0f8a65-cea"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 styles.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
893 B 37ms
9ms Stylesheet
text/css 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 09:32:12 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5d6e331c-695"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 editor-style-shared.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/ 414 B
495 B 46ms
17ms Stylesheet
text/css 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/editor-style-shared.css?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 96dfa580986db416a0669725412182121c477c7fd7a164bfe79ba17bfbcdb078

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:40 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d257c-19e"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 woocommerce-layout.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/ 16 KB
2 KB 46ms
18ms Stylesheet
text/css 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.7.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e42a7af0f19adf1cf7d67e8fbecad6713ec9cde539f7dc5d134544366679e521

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5da49f46-409e"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 woocommerce.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/ 61 KB
9 KB 46ms
18ms Stylesheet
text/css 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.7.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 43cfd18499dc36719f7dd66b2b30aa62fbfc7dcd6861817d19a61c0a159c7403

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5da49f46-f4af"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/ 336 KB
49 KB 40ms
12ms Stylesheet
text/css 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: abbd792e20f71ea64e99928b3b9eac8c4052f3c4cbf6841e819aedadf19dd777

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 07 Aug 2018 13:40:27 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5b69a14b-53e3d"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style-gocloud.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/ 4 KB
1 KB 45ms
18ms Stylesheet
text/css 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style-gocloud.css?ver=24.04
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c06d3388152ecac303ec82b605cfa5768e404668e0fc92cb0f66d31025e1d832

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 02 Oct 2018 16:56:34 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5bb3a342-f71"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 moonrayJS-only-wp-forms.css
forms.ontraport.com/v2.4/include/scripts/moonrayJS/ 504 B
374 B 202ms
167ms Stylesheet
text/css 104.16.21.19
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/scripts/moonrayJS/moonrayJS-only-wp-forms.css?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.21.19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc2dc58ccbe0c654faa36f6c86de15eb09b7b0e99820d1b2c4efa5c317d5f3b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
x-op-benvironment: production
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-pci: true
content-encoding: br
x-op-what: what
last-modified: Tue, 17 May 2016 19:03:18 GMT
server: cloudflare
etag: W/"573b6af6-1f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=120
access-control-allow-credentials: true
cf-ray: 536a47419970dff7-FRA
expires: Sat, 16 Nov 2019 14:52:37 GMT

GET
H2 200 /
forms.ontraport.com/v2.4/include/minify/ 9 KB
3 KB 65ms
29ms Stylesheet
text/css 104.16.21.19
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/minify/?g=moonrayCSS&ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.21.19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29af56b62112eef5e5b0547812f2b093b6a8db2be7bc31fa9a1ae634026f4c1a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 143876
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-pci: true
content-encoding: br
pragma: no-cache
x-op-what: what
last-modified: Tue, 18 Sep 2018 00:53:58 GMT
server: cloudflare
etag: W/"pub1537232038;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 536a47419971dff7-FRA
expires: Sat, 16 Nov 2019 15:50:37 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/smoothness/ 32 KB
6 KB 8ms
6ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/smoothness/jquery-ui.css?ver=5.2.4

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

308b1eee7a3334b8b7b0278128609357f58ee3e5ffe668e5c37b201815547ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 Nov 2019 02:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1339000
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5900
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Oct 2020 02:53:57 GMT

GET
H2 200 jquery.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 95 KB
34 KB 49ms
22ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Fri, 17 May 2019 17:08:53 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5cdeeaa5-17a69"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 10 KB
4 KB 50ms
23ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"573eaa90-2748"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 picturefill.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/js/ 12 KB
5 KB 49ms
23ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/js/picturefill.min.js?ver=3.0.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2dd0eb5e44c81a864cd68e633a69701248b9298b0dc7eb2c75e67e2b1c19b4bc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 09:34:48 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5d6e33b8-2e20"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm4wp-form-move-tracker.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
586 B 51ms
24ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.10.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 15 Oct 2019 06:39:02 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5da56986-5cf"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 modernizr-2.6.2-respond-1.1.0.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/ 19 KB
8 KB 46ms
19ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:01:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d25d2-4c1c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js?ver=5.2.4

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 Nov 2019 16:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340311
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Nov 2020 16:18:46 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 51ms
24ms Script
application/javascript 2606:4700::6812:e234
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3018
etag: W/"967648c5f43f1acc3f64970983a5d03f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 536a474188ebcbc4-VIE
expires: Sun, 17 Nov 2019 02:50:37 GMT

GET
H2 200 logo.svg
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/ 6 KB
3 KB 17ms
17ms Image
image/svg+xml 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/logo.svg
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: fa768817b962146f574bf507b3f5a5a3bf552fe2bd9593591fcfc8fe1fc6080c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:00:12 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d259c-183b"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 smb-relay-attack-e1535975746446.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/ 86 KB
86 KB 6ms
5ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-e1535975746446.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: abde1a6237ed5d1c1ed7bebff3392073055e99fa6debe4abbd57c6ffdf3e43ae

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Mon, 03 Sep 2018 11:55:46 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5b8d2142-15829"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 88105

GET
H2 200 smb-relay-attack-2-780x282.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/ 50 KB
50 KB 6ms
5ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-2-780x282.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e3b077ffed74a8bd3fa19a6b276771c2a6f0d4df00bd3eea81078294fe3b3600

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Thu, 29 Sep 2016 18:19:14 GMT
server: NetDNA-cache/2.2
status: 200
etag: "57ed5b22-c692"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 50834

GET
H2 200 smb-relay-attack-3-780x413.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/ 427 KB
428 KB 6ms
5ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-3-780x413.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 0943f5876d184d55a66ac0c4989659a5dd98682fab8c5ab4d9ee5e624840317d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 21 Oct 2016 15:37:27 GMT
server: NetDNA-cache/2.2
status: 200
etag: "580a3637-6abd9"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 437209

GET
H2 200 smb-relay-attack-4-e1473335768883.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/ 122 KB
123 KB 16ms
13ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-4-e1473335768883.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 22ce7dd45d8a91a16e53255919ccf2c5bfca042a338ad6289830dee7d1676d84

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 21 Oct 2016 15:37:05 GMT
server: NetDNA-cache/2.2
status: 200
etag: "580a3621-1e96f"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 125295

GET
H2 200 smb-relay-attack-5.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/ 221 KB
221 KB 21ms
18ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-5.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 96c058969978510f921d90fa989287aff3fbb0c4d0312a15df5bd164c09065da

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 21 Oct 2016 15:36:49 GMT
server: NetDNA-cache/2.2
status: 200
etag: "580a3611-37421"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 226337

GET
H2 200 smb-relay-attack-6-e1535975854840.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/ 176 KB
177 KB 35ms
32ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-6-e1535975854840.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2df44d8b29a890ddef74094a454f9043573ea1b22e61e25dad772085dd1b7a59

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Mon, 03 Sep 2018 11:57:46 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5b8d21ba-2c0e7"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 180455

GET
H2 200 hi.jpg
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/ 46 KB
46 KB 38ms
35ms Image
image/jpeg 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/hi.jpg
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: bde640de5fbcb53d6cf5bfaf352427d6371c08ae925c1ef74d18631852c4fba4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Tue, 28 Nov 2017 09:00:11 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5a1d259b-b799"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 47001

GET
H2 200 genjs-v3.php Show response
forms.ontraport.com/v2.4/include/formEditor/ 5 KB
2 KB 317ms
316ms Script
text/javascript 104.16.21.19
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.21.19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df469a6e1876e709ce0e75537541695caebfd9bfb5222840e2685a83895cec3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
x-op-benvironment: production
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-pci: true
content-encoding: br
pragma: no-cache
x-op-what: what
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 536a4741b9eadff7-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
cqureacademy.com/wp-includes/js/ 14 KB
5 KB 150ms
147ms Script
application/javascript 104.198.110.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cqureacademy.com/wp-includes/js/wp-emoji-release.min.js?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.198.110.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 226.110.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Mon, 08 Apr 2019 05:22:51 GMT
server: nginx
status: 200
etag: W/"5caadaab-3610"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 woocommerce-smallscreen.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/ 7 KB
1 KB 38ms
35ms Stylesheet
text/css 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.7.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5da49f46-1a66"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 tracking.js Show response
optassets.ontraport.com/ 10 KB
3 KB 46ms
18ms Script
text/html 104.16.21.19
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/tracking.js?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.21.19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd536bda12f3412d79f47f4aab0d693fd32cfa3fcbefbebcecde78c8116274bf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4838
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-op-release: 3
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 536a47425befdff7-FRA
expires: Sat, 16 Nov 2019 18:50:37 GMT

GET
H2 200 scripts.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 6ms
6ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 09:32:12 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5d6e331c-3868"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.blockUI.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 6ms
6ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5da49f46-255e"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js.cookie.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 5ms
5ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5da49f46-736"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 woocommerce.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend/ 1 KB
870 B 5ms
5ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.7.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5da49f46-5c0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cart-fragments.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 6ms
5ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.7.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5da49f46-b7c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 763 B
595 B 17ms
17ms Script
text/javascript 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&ver=3.0

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

8c45ec0e9063feac05718301a772941ab47f8e509a87ce3ee5d523cf61d3ad96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 497
x-xss-protection: 1; mode=block
expires: Sat, 16 Nov 2019 14:50:37 GMT

GET
H2 200 bootstrap.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/ 28 KB
8 KB 7ms
4ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/bootstrap.min.js?ver=3.1.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:01:05 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d25d1-71b6"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 owl.carousel.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/ 44 KB
11 KB 11ms
6ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/owl.carousel.js?ver=3.1.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5487a6f59506a25686adc1bdad7ff4be9545349ddc7aadb0bfaa515ae3cf1244

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:01:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d25d2-b025"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 owl.navigation.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/ 10 KB
3 KB 11ms
7ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/owl.navigation.js?ver=3.1.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d7cab659e3400afdb91ad13d5fea2fcd51025c85c1f25be6945a8e66429902d5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:01:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d25d2-2961"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js.cookie.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/ 4 KB
2 KB 11ms
7ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/js.cookie.js?ver=3.1.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:00:19 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d25a3-f20"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?ver=5.2.4

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d350f4bb79509c72e6f6f2e129d474727adb21d18950f2e64a42d094faaba50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: hR/YLgJ9MC451qhhWbCSYA==
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 1779
etag: "a306116e5bd3bb0be314f892299c6eae"
x-fb-debug: R0i4jIBOHSK3pazUXiCUti3NueMwnUkCSamkR9Re65diOTiWHvFBtGUdeHsPRYfge/qS5vCsd/NJsvDLAfpGJQ==
x-fb-trip-id: 420120009
x-fb-content-md5: 4fde0ac3a1007fdb8ba5e7e9dacdf726
x-frame-options: DENY
date: Sat, 16 Nov 2019 14:50:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Nov 2019 14:59:52 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 30ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A9) /
Resource Hash: f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 16 Nov 2019 14:50:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 23:03:20 GMT
Server: ECS (fcn/41A9)
Etag: "dbb5834a50c19a7a8e3ad3ae8f1c1329+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28705

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 181 KB
55 KB 24ms
6ms Script
text/javascript 2a02:26f0:6c00:299::25eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:299::25eb , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Play /
Resource Hash: 9a9285426a94bb895f4e1b03b7686dd49eeb765708f544b21ab375817cd58169

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-LI-UUID: /4E+jW6p1xWQ843s6ioAAA==
Date: Sat, 16 Nov 2019 14:50:37 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-Li-Pop: prod-ech2
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 55596
X-CDN: AKAM
X-Li-Fabric: prod-lva1
Expires: Sat, 16 Nov 2019 15:01:27 GMT

GET
H2 200 plugins.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/ 45 KB
12 KB 12ms
9ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/plugins.js?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8289ed784e4285911ff9a7026d0edd50cab5adb0888824ce5e0e39b83816068d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:00:19 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d25a3-b520"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.flip.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/ 5 KB
2 KB 13ms
9ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/jquery.flip.min.js?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 080809ddd5787387961416ee9e961e51066246556e47836c8b385630a80dd8be

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Sat, 22 Sep 2018 11:47:31 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5ba62bd3-1432"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 main.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/ 7 KB
3 KB 13ms
10ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/main.js?ver=1.83
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e5cd5c6afc45bab3a8dd7a1645b94a8b4598d03e0607bb145478deae02928cf4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Sat, 22 Sep 2018 12:19:10 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5ba6333e-1ca9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 courses.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/ 4 KB
1 KB 13ms
10ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/courses.js
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ac212158a335abe8eed52a0950981a4aba012d70032cd0486835046a3fc0df53

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:00:19 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d25a3-1193"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/ 1 KB
1004 B 14ms
11ms Script
application/javascript 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.2.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Thu, 30 Aug 2018 12:40:26 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5b87e5ba-57b"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 load.js Show response
load.fomo.com/api/v1/D0-mndMM1SvdX5rGnwAssw/ 71 KB
19 KB 523ms
489ms Script
text/javascript 2606:4700:30::6812:22a2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://load.fomo.com/api/v1/D0-mndMM1SvdX5rGnwAssw/load.js

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:22a2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5577b181c7b96a6f503a457c50132a00c5aab30029de6ac6054a4f9fb4723ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
f-cache: hit
status: 200
content-encoding: br
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-request-id: d4042311-d916-4493-9d24-30947a240baf
x-runtime: 0.003697
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
f-script: load.js
etag: W/"a5577b181c7b96a6f503a457c50132a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=5, public, s-maxage=18000
cf-ray: 536a47432f51cbc4-VIE

GET
H2 200 lato-regular-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/ 22 KB
22 KB 18ms
5ms Font
application/octet-stream 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/lato-regular-webfont.woff2
Requested by: Host: 4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com
URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js?ver=5.2.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b950f2899a41a8d45990d37c200c61641f5a79fbc007bf478b5144e96f0fadb9

Request headers

Sec-Fetch-Mode: cors
Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin: https://cqureacademy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d258e-5728"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 21ms
5ms Script
text/plain 151.101.113.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 4576
x-cache: HIT
status: 200
content-length: 13681
x-amz-id-2: ROlPB0VFZ5GcsrT1Q7dXMbq5qidgEYG3ywjUTU60lv0RHGTf69uSQDfokYfUnMKfQKdVPOW0P7g=
x-served-by: cache-hhn4047-HHN
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1573915838.919075,VS0,VE0
date: Sat, 16 Nov 2019 14:50:37 GMT
vary: Accept-Encoding
x-amz-request-id: 78993FBD89C62755
via: 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1072

GET
H/1.1 200
OK snoo.gif
alb.reddit.com/ 35 B
316 B 352ms
88ms Image
image/gif 3.223.182.220
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAACrwE7EkAA==&s=367ckLEAUP9BdYsbCWEB-aL7h-YEiIWCv5ghuJ2RucQ=&ts=1573915837897
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.182.220 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-223-182-220.compute-1.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 16 Nov 2019 14:50:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 126 KB
34 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:81b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BK3X4

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

452d04e57441eabb91f2a301c715b7d0f76167d585d6c01341ea819118d925e2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: br
last-modified: Sat, 16 Nov 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 34202
x-xss-protection: 0
expires: Sat, 16 Nov 2019 14:50:37 GMT

GET
H2 200 ctLVMi1_zBc
www.youtube.com/embed/ Frame C3A1 0
0 120ms
118ms Document
text/html 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ctLVMi1_zBc?rel=0&showinfo=0

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/ctLVMi1_zBc?rel=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Sat, 16 Nov 2019 14:50:38 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=dp3KmntFGx4; path=/; domain=.youtube.com; expires=Thu, 14-May-2020 14:50:37 GMT; httponly VISITOR_INFO1_LIVE=dp3KmntFGx4; path=/; domain=.youtube.com; expires=Thu, 14-May-2020 14:50:37 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Fri, 17-Jul-2020 02:43:38 GMT YSC=xJXn0h-Swmk; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 16-Nov-2019 15:20:37 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 cqure-news.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/12/ 783 B
1009 B 36ms
34ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/12/cqure-news.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: cdc32aafdb46e903c85c178df5f250e8d90f88007643e1e492788d39fe4902b0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 07 Dec 2018 14:32:36 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5c0a8484-30f"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 783

GET
H2 200 cybersecurity-talk3.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
3 KB 36ms
33ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/cybersecurity-talk3.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a2b113be19e119bb84d4d396edf9926101dd13fbd381ca857af13037f4976d29

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 16 Nov 2018 15:48:05 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5beee6b5-9bc"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2492

GET
H2 200 forensics2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 965 B
1 KB 36ms
34ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/forensics2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d43d91fe7a63061274c03685a82d12a2f1e15fce24fe4699231fcab4038a56b3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 16 Nov 2018 15:58:35 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5beee92b-3c5"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 965

GET
H2 200 identity-theft-protection2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 904 B
1 KB 36ms
34ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/identity-theft-protection2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 17e806417f302ed4a74c980ffde96df0d7535af0f215e97214a1cb8ee3a017ed

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 16 Nov 2018 15:58:48 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5beee938-388"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 904

GET
H2 200 ignite2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
2 KB 36ms
34ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ignite2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ef00d67e59b19eea79a2e8bf067d8910c6697de339adaee79d2856e2fdd0d760

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 16 Nov 2018 15:59:00 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5beee944-8bb"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2235

GET
H2 200 malware2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
3 KB 36ms
34ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/malware2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 3f3cd545367485ba660229234b213f845bea2841f41c580b005cb46e26605987

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 16 Nov 2018 15:59:13 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5beee951-91f"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2335

GET
H2 200 penetration-testing2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
2 KB 36ms
34ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/penetration-testing2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: dcbbf43562c4706b7646cddf34ee2f45e86b70dcff680f65287a15391bb0f272

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 16 Nov 2018 15:59:25 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5beee95d-8ad"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2221

GET
H2 200 secure-server2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
2 KB 36ms
34ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/secure-server2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 1ef0a96be1cfde52782ee9ddc0ef36f4bc1a72943c5de56fcf2a5ce677ec8a70

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 16 Nov 2018 15:59:38 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5beee96a-6e2"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1762

GET
H2 200 securing-infrastructure2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
2 KB 36ms
34ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/securing-infrastructure2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2cc358f06dc7a068cc0b177cfdbea09cf517681bb4fdca354b8ba13268b60851

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 16 Nov 2018 15:59:52 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5beee978-7f7"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2039

GET
H2 200 server-monitoring2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 960 B
1 KB 36ms
35ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/server-monitoring2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 77a5ec27e758b7c9bff23ef4f45200fe298fb51fe8ad87c008edc51b73442e33

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 16 Nov 2018 16:00:06 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5beee986-3c0"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 960

GET
H2 200 system-internals2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 871 B
1 KB 36ms
35ms Image
image/png 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/system-internals2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c2e273d2979485e959a68f54d1b5454697230d55f60dd40f12f416f591451cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Fri, 16 Nov 2018 16:02:36 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5beeea1c-367"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 871

GET
H2 200 newsletter.jpg
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/ 128 KB
128 KB 36ms
35ms Image
image/jpeg 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/newsletter.jpg
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b195b421eafc80f00471e0357daf039b5b1452ad7eef28fd4c5dfa1dc927c845

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
last-modified: Tue, 28 Nov 2017 09:00:12 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5a1d259c-1fece"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 130766

GET
H2 200 cqure_icons.ttf
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/ 19 KB
10 KB 7ms
6ms Font
application/octet-stream 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/cqure_icons.ttf?v=1.57
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5423a8eb065ad74539056dcd00ec57a155f134a6bb94338bac06167d517db2cb

Request headers

Sec-Fetch-Mode: cors
Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin: https://cqureacademy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:56 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d258c-4a78"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 lato-bold-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/ 22 KB
22 KB 8ms
7ms Font
application/octet-stream 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/lato-bold-webfont.woff2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f4b43899402b4c787457e1275ad825ff389fb54fc3fe146f9203e727d4aded61

Request headers

Sec-Fetch-Mode: cors
Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin: https://cqureacademy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:57 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d258d-57b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 lato-light-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/ 22 KB
22 KB 12ms
12ms Font
application/octet-stream 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/lato-light-webfont.woff2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: babd36a2da0a94172346873c11e2eb098205dfa23b553eda3d3fc7c180b1dc13

Request headers

Sec-Fetch-Mode: cors
Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin: https://cqureacademy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d258e-5680"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/111122a0cd4b4ff782251b8f9d66a78b/ 43 B
455 B 356ms
94ms Image
image/gif 52.202.120.185
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q.quora.com/_/ad/111122a0cd4b4ff782251b8f9d66a78b/pixel?j=1&u=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&tag=ViewContent&ts=1573915837993
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.120.185 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-120-185.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 16 Nov 2019 14:50:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: 81,22a253287d44d70cefe47d67adf8d729,10.0.0.96,39178,144.76.109.30,,11288064161,1,1573915838.301,0.002,,.,0,0,0.000,0.000,-,0,0,304,191,95,10,26847,,,,,,,
Content-Type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BK3X4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1021
date: Sat, 16 Nov 2019 14:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sat, 16 Nov 2019 16:33:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 122 KB
27 KB 5ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1d0194204c2d3c2f02e0dd61ac75a7db82bf71749b8f9947adaf9145c26ba6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 27344
x-xss-protection: 0
pragma: public
x-fb-debug: KpRN/7HIVFp2/Fyunll4do8722702eudzeHQW4EsIdttLIGWnMqb1Du/t0Wl6390HHdgmkRrtQe+HT+gECXmPw==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Sat, 16 Nov 2019 14:50:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 20ms
6ms Script
application/javascript 151.101.112.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
content-encoding: gzip
age: 23854
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4034-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1573915838.044720,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 21ms
7ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 16 Nov 2019 14:50:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=50675
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.1/ 91 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js

Requested by

Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 Nov 2019 11:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358912
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33396
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Nov 2020 11:08:46 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2939
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Sat, 16 Nov 2019 15:01:39 GMT

GET
H2 200 load.gif
optassets.ontraport.com/opt_assets/images/ 13 KB
13 KB 17ms
16ms Image
image/gif 104.16.21.19
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optassets.ontraport.com/opt_assets/images/load.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.21.19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ab21501c829516d91901c1f04da862d095aeb9e5019360aed6624920edd882

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://forms.ontraport.com/v2.4/include/minify/?g=moonrayCSS&ver=5.2.4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 143849
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-op-release: 3
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 536a4743cffbdff7-FRA
expires: Sat, 16 Nov 2019 15:50:38 GMT

GET
H2 200 raleway-bold-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/ 18 KB
18 KB 7ms
6ms Font
application/octet-stream 94.31.29.96
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/raleway-bold-webfont.woff2
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 61d919573a1cf2539b7e2033dd8a8d9cca1363e429d20b52178dafc676f8b2e9

Request headers

Sec-Fetch-Mode: cors
Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin: https://cqureacademy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:59 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5a1d258f-48e4"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 41ms
12ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: b5ffce5cc19ac1e8f91222bddeedd7fef54e973a65579eb84ad5e5fb23e37eb8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 6564BF9527AE9DB6
status: 200
cdn-cachedat: 2019-11-12 17:40:27
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: bBO4ag3n/cokDOFSstMpOUPCtT00Aqvb/pBrw+gFMO7FPXa+QVTE2Vaswh+2je89gFjTaBEO4j0=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:40:09 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 32f627c44339c0d5a461e6f91087095f
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 903227543120584 Show response
connect.facebook.net/signals/config/ 348 KB
85 KB 89ms
89ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/903227543120584?v=2.9.11&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

38bafbc629255090475a0ff2769aabac6e2864c99fbfc4208d4adbf954f8c452

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: UZb2v+Ux68d+Yd8J82weExwY3LDT6ord3UeS8D3kxeeIonm9YB7lwXxG2ykzYEdSUYRX39LTi8aV1DKwN1KBtQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Sat, 16 Nov 2019 14:50:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 223 KB
59 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 31 Oct 2019 10:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1398077
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60529
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Oct 2020 10:29:21 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 59 KB
22 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5PDKTRJ&t=gtm2&cid=303054163.1573915838

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0024318f248b8f44b0ac665a5285a8277d4275129d03f5fa1da9ee980beec1b4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
content-encoding: br
last-modified: Sat, 16 Nov 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 22716
x-xss-protection: 0
expires: Sat, 16 Nov 2019 14:50:38 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=368491064&t=pageview&_s=1&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&ul=en-us&de=UTF-8&dt=Server%20Mes...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_gid=469899587.1573915838&gjid=1881358303&_v=j79&z=1321987430
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_v=j79&z=1321987430
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_v=j79&z=1321987430&slf_rd=1&random=1645506062

42 B
109 B

33ms
31ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_v=j79&z=1321987430&slf_rd=1&random=1645506062

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Nov 2019 14:50:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Nov 2019 14:50:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_v=j79&z=1321987430&slf_rd=1&random=1645506062
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&time=1573915838094
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D29329%26url%3Dhttps%253A%252F%252Fcqureacademy.com%252Fblog%252Fpenetration-testi...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&time=1573915838094&liSync=true

0
88 B

179ms
178ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&time=1573915838094&liSync=true
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: +8MLwR2s1xXQCF4pzyoAAA==

Redirect headers

date: Sat, 16 Nov 2019 14:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
vary: Accept-Encoding
content-length: 20
x-li-uuid: GpQ/th2s1xVQdxMkDCsAAA==
server: Play
pragma: no-cache
x-li-pop: prod-tln1
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&time=1573915838094&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 130ms
117ms Image
image/gif 104.244.42.5
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvhhf&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Sat, 16 Nov 2019 14:50:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 98d2943b9aa125634aa7b522a0c7e4f9
x-transaction: 0013be5700da1156
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 / Show response
forms.ontraport.com/v2.4/include/minify/ 170 KB
45 KB 23ms
23ms Script
application/x-javascript 104.16.21.19
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/minify/?g=genjs-v3
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.21.19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77e1bf0857817f69d99968da0a4b99fa52c79bb8bbed3e3bf886a232c5ee0832

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 143870
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-pci: true
content-encoding: br
pragma: no-cache
x-op-what: what
last-modified: Thu, 12 Sep 2019 17:48:45 GMT
server: cloudflare
etag: W/"pub1568310525;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 536a47443978dff7-FRA
expires: Sat, 16 Nov 2019 15:50:38 GMT

GET
H2 200 76.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 131 KB
44 KB 15ms
15ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/76.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: c27cd5a59a652eb68cd1b2748f83e6686a41cb6876ff65c7943ca2b59a974cc0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 3E1CF7509425BC33
status: 200
cdn-cachedat: 2019-11-12 17:40:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: 9dn9px+D6Rb/E6uHSH4Kq6eD1wOaIhPgnwziJ98dCdM40P0ZMn8iPl45fwC+tZAMFm10PKsFcC8=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:52 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: faf85d31b0732df775f7a1edf975b80a
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 78.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 289 KB
100 KB 15ms
15ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: 0ab6f946421111c85e299fa150e198410fc47c577efc815f204dbd116953c140

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 4C3F0BC1D56C51B7
status: 200
cdn-cachedat: 2019-11-12 17:40:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: qp6f0hlG/XBOiGOFb2W76U42JhfgS8BomG1jjJoUSIkj2Fjrb+KwOWJfj5pbCQiiej1lQUvVfj0=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:54 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: d580e104269d644d2aa0850f1ca62000
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/ 254 KB
91 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 Nov 2019 18:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Nov 2019 05:06:47 GMT
server: sffe
age: 418953
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92852
x-xss-protection: 0
expires: Tue, 10 Nov 2020 18:28:05 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 21ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0a3a92b2efbb6841289b212a0ddcb821&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?ver=5.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

0ba1663b2c9bb708cbf55f9ded3de52c7397660dbc7b93d333551ac941695075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Origin: https://cqureacademy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DyvkLNx2A9WHvIHBmmVv1A==
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 59475
etag: "806e10ecfb3930e40a6d28a00e07357f"
x-fb-debug: NWEek5Nfeg20gadCc0j9tTVsnIwG3f9GoVqZRP5ohXTIE1xzwUs5a912leYOi0b3R3r585cPq/CjtsrmYHg4cg==
x-fb-trip-id: 420120009
x-fb-content-md5: a8721b049472759d1c6379bb82b95481
x-frame-options: DENY
date: Sat, 16 Nov 2019 14:50:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sun, 15 Nov 2020 12:28:47 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/minify/?g=genjs-v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 Nov 2019 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1291283
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Oct 2020 16:09:15 GMT

GET
H2 200 moonrayform.paymentplandisplay.js Show response
app.ontraport.com/js/formeditor/moonrayform/paymentplandisplay/ 286 KB
101 KB 73ms
28ms Script
application/javascript 104.16.21.19
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ontraport.com/js/formeditor/moonrayform/paymentplandisplay/moonrayform.paymentplandisplay.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.21.19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f726d8c8299e58d46aeb6c01d88cd8afd6e69aa4a1346881de1492ff2575949

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
x-op-benvironment: production
vary: Accept-Encoding
cf-cache-status: HIT
age: 96
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
content-encoding: br
x-op-ca: 10.2.80.206
last-modified: Thu, 31 Oct 2019 20:43:39 GMT
server: cloudflare
etag: W/"5dbb477b-47817"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-op-release: 3
content-type: application/javascript
cache-control: public, max-age=300
x-op-class: app
cf-ray: 536a4744eb71dff7-FRA
expires: Sat, 16 Nov 2019 14:55:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
247 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=903227543120584&ev=PageView&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&rl=&if=false&ts=1573915838205&sw=1600&sh=1200&v=2.9.11&r=stable&ec=0&o=30&fbp=fb.1.1573915838204.1967924836&it=1573915838061&coo=false&rqm=GET

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Sat, 16 Nov 2019 14:50:38 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 0BC6 0
0 6ms
5ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0a3a92b2efbb6841289b212a0ddcb821&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
accept-encoding: gzip, deflate, br
cookie: fr=0wSZbYgNSfI5Wkkhn..Bd0Ay-...1.0.Bd0Ay-.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 14 Nov 2020 18:43:53 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: CAERiK0eqAzI+E731j92oyNsYFfD0PTu/pJZwTcbCBXDupLxmX3CK6rH7QEq8r7bbRv0OUUwq2MgJ7tLBs8JfQ==
content-length: 12385
x-fb-trip-id: 420120009
date: Sat, 16 Nov 2019 14:50:38 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2 200 css
fonts.googleapis.com/ 2 KB
600 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

9182a546655c16d5acb6103b1158a47c87ac239c03386e9200277c937a0ee6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 16 Nov 2019 14:50:38 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sat, 16 Nov 2019 14:50:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 16 Nov 2019 14:50:38 GMT

POST
H2 200 / Show response
cqureacademy.com/ 210 B
536 B 526ms
526ms XHR
application/json 104.198.110.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cqureacademy.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.198.110.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

226.110.198.104.bc.googleusercontent.com

Software

nginx /

Resource Hash

3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 16 Nov 2019 14:50:38 GMT
x-content-type-options: nosniff
server: nginx
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cqureacademy.com
cache-control: no-transform, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 210
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
635 B 140ms
127ms Script
application/javascript 104.244.42.131
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvhhf&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 121
pragma: no-cache
last-modified: Sat, 16 Nov 2019 14:50:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9769beb284a9848bec2f12f1eeffded4
x-transaction: 007e973f0013051e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html
platform.twitter.com/widgets/ Frame 9F44 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=https%3A%2F%2Fcqureacademy.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=5.2.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Nov 2019 14:50:38 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Tue, 22 Oct 2019 22:27:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B4)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame 408A
Redirect Chain

https://www.facebook.com/v2.6/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df106ad49e7cff7c%26domain%3Dcqu...
https://www.facebook.com/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df106ad49e7cff7c%26domain%3Dcqureaca...
https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df106ad49e7cff7c%26domain%3Dcqureaca...

0
0

82ms
82ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df106ad49e7cff7c%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&sdk=joey&version=v2.6&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0a3a92b2efbb6841289b212a0ddcb821&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df106ad49e7cff7c%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&sdk=joey&version=v2.6&width=550
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
accept-encoding: gzip, deflate, br
cookie: fr=0wSZbYgNSfI5Wkkhn..Bd0Ay-...1.0.Bd0Ay-.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 82bZ7Vagvo+YD2MYUMAVdO1YbQnkvxeDngLHitZDVm6x6GDopBWH2HytLZPMv7iNLTRP2sVsu077/O6w/zcpCQ==
date: Sat, 16 Nov 2019 14:50:38 GMT
alt-svc: h3-23=":443"; ma=3600

Redirect headers

status: 302
location: https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df106ad49e7cff7c%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&sdk=joey&version=v2.6&width=550
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: WKjS4HHNkjqlT4k5W5jgtSBB4KIBEP0Pxucue177C7x5mLp7BiqegQX729/bDYhKaYwWYXWn4XTOoSEeOIT5kQ==
content-length: 0
date: Sat, 16 Nov 2019 14:50:38 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame 6F16
Redirect Chain

https://www.facebook.com/v2.6/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df8fadabd33d2dc%26domain%3Dcqur...
https://www.facebook.com/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df8fadabd33d2dc%26domain%3Dcqureacad...
https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df8fadabd33d2dc%26domain%3Dcqureacad...

0
0

163ms
163ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df8fadabd33d2dc%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&numposts=5&sdk=joey&version=v2.6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0a3a92b2efbb6841289b212a0ddcb821&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df8fadabd33d2dc%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&numposts=5&sdk=joey&version=v2.6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
accept-encoding: gzip, deflate, br
cookie: fr=0wSZbYgNSfI5Wkkhn..Bd0Ay-...1.0.Bd0Ay-.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: AHTdHthUZN54Kp22d+92q+jO8lGbkW57uwfLzt9P/Rw8phx1IEhkMzkYD+U5PFYKaUtcVwDazB8PnyWgdg+VLA==
date: Sat, 16 Nov 2019 14:50:38 GMT
alt-svc: h3-23=":443"; ma=3600

Redirect headers

status: 302
location: https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df8fadabd33d2dc%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff25043b6b4c65c%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&locale=en_US&numposts=5&sdk=joey&version=v2.6
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: mK7Y/2VLfpunYhWgDVx3aQ44VwtXfJ5z37FR+hS+TAN3D5IE2hjB17Wi5MIx4I7Jv7vowDzKmlahddAowGS4qg==
content-length: 0
date: Sat, 16 Nov 2019 14:50:38 GMT
alt-svc: h3-23=":443"; ma=3600

POST
H2 200 / Show response
sumo.com/api/load/ 874 B
1 KB 629ms
198ms XHR
application/json 52.34.133.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

6261ba033015b27da31749faaf492851fdbf4f1f8421404a25f2002e5228290e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 874

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame EF15 0
0 42ms
41ms Document
text/html 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&co=aHR0cHM6Ly9jcXVyZWFjYWRlbXkuY29tOjQ0Mw..&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=9lyws9be28it

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LDr27qEbgDcGS3MCRbvCyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&co=aHR0cHM6Ly9jcXVyZWFjYWRlbXkuY29tOjQ0Mw..&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=9lyws9be28it
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 16 Nov 2019 14:50:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-LDr27qEbgDcGS3MCRbvCyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9026
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf2f8d980b3466bc479869776c7e22944d789cf5c1fc82e37a9cf3d8c171277

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96187aeadbd3138f31cb6b4da9bb73b4f3e952a9d633c3ca60b033aea30b2c64

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a62bc760a8fb96ac25892b4f2326450b2a14c8e79f58959a275c9c3e6a6d2fb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5ef2e0fd81e377e8b9dac5cce525908836c9a93ed998d567b8878112b3c7716

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
950 B 23ms
22ms Script
application/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BK3X4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

46636d8106a55c20c57d84c69f60293f58f3bb4d9d174720e510450c01aa9df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:38 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300&subset=latin
Origin: https://cqureacademy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 07:29:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 1495296
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9016
x-xss-protection: 0
expires: Thu, 29 Oct 2020 07:29:02 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflUFVyEP/ 23 KB
9 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflUFVyEP/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 13:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90327
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8680
x-xss-protection: 0
last-modified: Thu, 14 Nov 2019 11:18:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sat, 23 Nov 2019 13:45:11 GMT

POST
H2 200 services Show response
sumo.com/ 37 KB
6 KB 336ms
335ms XHR
application/json 52.34.133.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

3cebdaf28b2bb010b471749f443a6ad85dac9c3915a05e7d6685de37392cb588

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: zuoDMGHjgcCDqCYrV0lr1A7A
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H2 200 proof.js Show response
cdn.getmoreproof.com/embed/latest/ 6 KB
2 KB 72ms
22ms Script
application/javascript 2600:9000:2156:ce00:a:6697:8180:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getmoreproof.com/embed/latest/proof.js?1573915839060
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:ce00:a:6697:8180:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 543c7142a0625b3ae2e5dcfa6226b98f498cc81503c526b5a36948be087ebb5f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 21:54:26 GMT
content-encoding: gzip
last-modified: Mon, 14 Jan 2019 19:54:45 GMT
server: AmazonS3
age: 3948974
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=315360000, no-transform, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ws1OjH-cxEkBOph4UvOdlk28eU4t4_MwjGxwVVmEfuciXmCYpvEYAg==
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)

GET
H/1.1 200
OK track.php Show response
cqure.ontraport.com/ 847 B
1 KB 733ms
223ms Script
text/html 209.170.211.179
ViaWest

General

Check archive.org

Show headers Download Go to

Full URL: https://cqure.ontraport.com/track.php?mid=104117_1_2&llc=https://cqureacademy.com/blog/penetration-testing/smb-relay-attack&first_visit=1&referral_page=&s=0z32rtr5w8wk6tfcn6wn&l=cqureacademy.com/blog/penetration-testing/smb-relay-attack&ti=Server%20Message%20Block:%20SMB%20Relay%20Attack%20(Attack%20That%20Always%20Works)%20%7C%20CQURE%20Academy&forms%5Bp2c104117f5%5D=0&is_unique=0
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js?ver=5.2.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.170.211.179 Venice, United States, ASN13649 (ASN-VINS - ViaWest, US),
Reverse DNS: mail9.ontramail.com
Software: ONTRAport /
Resource Hash: e9e851223ba959dd311e6a67983855ea258cc6d5bda5a6a62b97fccaaa8b5365

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 16 Nov 2019 14:50:39 GMT
Content-Encoding: gzip
X-op-class: hosted
Server: ONTRAport
X-op-release: 3
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: text/html
X-op-ca: 144.76.109.30

GET
H2 200 9.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 97 KB
33 KB 13ms
12ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/9.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: 18b2a5aaef6a7f94c7d7e5f6cfa575892c3cdb44e7888e7096c7e67ae8b57053

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: CB6A43195ADB8987
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: TcLMIO+xcB8nR1RcAIdTR0SoVXVCQEzSXS39YJcsG9L5GyFWTLFntM6XPIv0zVVtA996xcb+Rb0=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:40:02 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: f7fd394298d04c178dc535192f266aae
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 6.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 5 KB
3 KB 14ms
13ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/6.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: d823724223a6b02b655f758436b570e3d2f5da12a4431a10eba167385edac476

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: A5120E0A865DFE8A
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: 5SqqGFTmTzxx0h8lDacv7zvuCYP6mDdtw5GQmv031TBl5/Z93CoHgyBqA7CwdZbJ46cYNUDVsVo=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:42 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 223dc5b07fb1561dacebcea7744c510c
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 2.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 3 KB
2 KB 14ms
13ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: D23082D65B065682
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: 8+UDaX2o+VSHHDdeAiOjobnz1h2l5/1Ie785SZqmAZqvQoT01SoiWZKpPjPANj0UD1kJL0CGtx8=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:15 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: d4fffb91e95682b03616ecfdefb23464
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 5.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 11 KB
5 KB 14ms
14ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/5.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: c8f8697a2259a036a6529be8a576ff97454f5be7d40758ac9377fe3c2f4edbc7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: AE08DA60CD492755
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: H0mUlTL9yq3DGs6ZI1Vs3DhHK7ICRkdO/DlRmm4Xmzh8pvuMzDU6OUvoWUETt4PHXNUsD+bnZCA=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:35 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 79c89288648ead9fb114ec04a326107e
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 24.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 92 KB
25 KB 23ms
23ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/24.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: bbac0d59459d4bc70301e3427a2188a2acd9bfb264dc93c806847a1c14bef142

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 6779C0FA49C82D7C
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: cNBX4CqY+aG5EZV1ja+2+1HsnBfcQENap7HuP85kF0LkJLiP5Yby3oFA8ba19v7SpmhADv7eWBs=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:18 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 49b1ab133c07831cf8fb09d2c977e808
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 25.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 329 KB
94 KB 14ms
14ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/25.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: f49eecab4bcd973ef8095d89c112e06bfea9abd6e0c112cf2c5cc822f10f3184

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 37B76974932DA112
status: 200
cdn-cachedat: 2019-11-12 17:40:32
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: T2hxpLd6F29TpbtW12VtyK5R7TS2pjC7HXUhsclCieXndqjGNFot8A9YE/C7+3Erj84R8fth84o=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:19 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: ecf26715cb4b5194a9b9300dc25ed5fd
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 23.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 178 KB
51 KB 20ms
20ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: ddaae4c5889faa19749c6e40b1d878c1e269708e2fd4d4dd2b50563b46de2615

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 202920240CB77256
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: 8BpYhI02I8uW/QqunFJTFDy0U3CAx80juimYq+Sl4gtG8AFE4wR7TX9f9eymfDIpjx8XpsBZkxY=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:18 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: b8a881e5a3a3f3033820410398b3aee7
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 68.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 1 KB
1 KB 23ms
23ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/68.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: 245b50374a899db5d5bbe7f2f39386fbb882a47fa4ec5aa963228f4bcf7cdf31

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: C6B8CBA216CB0FE1
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: PbhyiZLYZYhsZWYa3a1NILTS6TsDa429Gb/8I/4l6bHSUJKmtWlx0Y6E4/iM9OWspZTXTnUvhZs=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:47 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: be63f287175f8ffc446e9d5dd0c44a89
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 0.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 5 KB
3 KB 13ms
13ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: 6db9f3631ed5d4253d68945e3db6fca861de9dfc6213932f2e63a5c8ca3ff807

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 1E4E71D5F5CC928F
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: QJNZw/mqTjMlizb0Zb+PWq+GXFmTkRxruN2xQK77OZCo0f32RXKHBVcifTblLEozh3OLEQc2BJM=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:02 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: be4714bed7e1a1b96dd226cfa4cbb32f
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 1.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 1 KB
2 KB 13ms
13ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/1.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: 8f73acea2f431f8cb870e52e70e361d58848984334cbc2853d2c9feb1d111fdc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 64BE93797BF6B625
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: lcjrwRFI82n9UXKTuKDXYC7wVVShMfGWx/5d0dFxzk709gI9H9qfuEE2HeHMzkQpeaYCsjM8x+c=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:03 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 9780f76ab79990f0c397b483585ceb9d
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 3.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 5 KB
2 KB 13ms
13ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/3.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: 252f563b05537cd837045b9184bdf4191740afb8ea503b4e1371f064cf082354

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 5790C0B92F83E16A
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: wo8/DYCcO9z8MVthDM5/gJte/Gv2WLLOWPIWN187Anu6hLR4+KJH7KWVVkT6vIqgLi1kihqWAwk=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:22 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: b5cd522fc4d030e869e4ab354d760ea9
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 14.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 438 KB
129 KB 13ms
13ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/14.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: c7a88f5fec0eea772140c9df42cc36c96e9ccdd0a98e35c2ca04259e09f5611c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 38C718BBAD781220
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: qL9MGiExRL8CivGcTFX/Pr61Q+d6UVD+k6aMdDmxmfXMFhAHEc850sgQtVf8xfpgL90rAVzcFzQ=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:11 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 029b1307679f6b17ea86d25afba72492
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 18.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 711 KB
52 KB 16ms
16ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: 9f7ccf3699372fb6fdf48a97069e636541eb5e2f34e7c6d29518ceb5dfb4b839

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 63E0058780409458
status: 200
cdn-cachedat: 2019-11-12 17:40:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: 02+0/Tnqadrdk/7PbcKWvxGxqXbL5OMEEI6nsefyc+nhWcekEJJFCG00yvIhBhZSN2vwWwb0xL0=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:14 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 7e4a3b7670ad5740c52fb17d7cbd27ee
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 107.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 1 MB
79 KB 13ms
13ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/107.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: 13e8f2d3dc00c872c223ca8678ffd69c12105334f2a1eb372a39470342a8f315

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
cdn-edgestorageid: 540
x-amz-request-id: 674F7AC0E8879467
status: 200
cdn-cachedat: 2019-11-12 17:40:32
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2: 2B6klvoZoqd/4Y6sB5sHN+2lgOCAcOj+amjcyztEOOnmuex+O+/jkV1PVFVly0tNLzXqTQ3G0Ws=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:08 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: c9f95311e3ed4cca5455105f2c4556fa
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 111.fde4d176e489cfa75ee1.js Show response
load.sumo.com/ 219 B
822 B 15ms
15ms Script
text/javascript 2a02:6ea0:cf04::2
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/111.fde4d176e489cfa75ee1.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: BunnyCDN-DE1-540 /
Resource Hash: 9c0094a6b8b2c1188e3202bffd0a23bf1e8d852fc26d74b02d0fb2f52903e6d7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
cdn-edgestorageid: 540
x-amz-request-id: 691FA1EDB4DE1C69
status: 200
cdn-cachedat: 2019-11-12 17:40:32
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
content-length: 219
x-amz-id-2: Ypd4LRXZXA1Wpv7j1/xLpE/zEZfhCOR+gHdWWWUYvD+dsfEbs93G4T7mCYq8h8D40mhGmSZHxhU=
access-control-allow-origin: *
last-modified: Tue, 12 Nov 2019 16:39:09 GMT
server: BunnyCDN-DE1-540
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 02ca05dde9c477213a7256e658fa61c8
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/0.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 16 Nov 2019 14:50:39 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sat, 16 Nov 2019 14:50:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 16 Nov 2019 14:50:39 GMT

GET
H2 200 shares.json Show response
api.bufferapp.com/1/links/ 128 B
535 B 968ms
945ms Script
text/javascript 104.18.166.29
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bufferapp.com/1/links/shares.json?url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&callback=jQuery110208136248744252663_1573915838255&_=1573915838256

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.166.29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8434f935ec85281ba218321c12a5f28ce2eb9204aaf9694cdafc3691cf7fa56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=14400
cf-ray: 536a474e1cef9784-FRA
etag: W/"80-0zFKPA90vPOk36NANSverA"
expires: Sat, 16 Nov 2019 18:50:40 GMT

GET
H2 200 / Show response
graph.facebook.com/ 130 B
585 B 55ms
42ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&callback=jQuery110208136248744252663_1573915838257&_=1573915838258

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

af1bab56d87fbfde747a14ac0ba5ff323f50b7e6bd2d5ac49ef059994bba4533

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "d57a0879d70db18df0c26801d4aa7c769efd13c6"
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
x-fb-rev: 1001443398
alt-svc: h3-23=":443"; ma=3600
content-length: 130
pragma: no-cache
x-fb-debug: 6ARPJWRFRW8tZMSiJEUJ2rSXyr08+WrMVU/2eqha6MzK79y2iI/z6OlCjIgmsQiBlp3rF6WAG84YxCvHIS5JGg==
x-fb-trace-id: BFfjlu8zfnI
date: Sat, 16 Nov 2019 14:50:39 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AGSqWtKZY_WzmBp-c1zt6H6
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.11
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 links.getStats Show response
api.facebook.com/method/ 432 B
630 B 51ms
37ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&format=json&callback=jQuery110208136248744252663_1573915838259&_=1573915838260

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e0eea8468ceebe702396d5e7dab203d3fc6e61d9bce8ffa8b2096472f977bb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
status: 200
x-fb-rev: 1001443387
content-length: 268
pragma: no-cache
x-fb-debug: 3dONLyneZFuUwQwYHlSx5BQh6C90IijVyMRHaMlhPrutSiOlYVPzuNzzFc9WmZ9crhAdIuH3otszo5gkaD/wyg==
x-fb-trace-id: GgLM9d6mOEv
date: Sat, 16 Nov 2019 14:50:39 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: AUgM8d6M_bEmh9BBRaGZR1P
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.11
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 rpc Show response
clients6.google.com/ 257 B
535 B 23ms
23ms XHR
application/json 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

58fba833efd4cb86a92cafb8ea091ffeadd0a6e5362a8d6413035c89fbe1c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/json

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 193
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
etag: "8rdxSLM23aKDGXxGktR95-tfZFY/JpBH-u0OtW7-QH55soPGsW5aYTQ"
vary: Origin, X-Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cqureacademy.com
access-control-expose-headers: Cache-Control,Content-Encoding,Content-Length,Content-Type,Date,ETag,Expires,Pragma,Server,Vary,X-Google-GFE-Backend-Request-Cost
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 404 share
www.linkedin.com/countserv/count/ 0
0 166ms
166ms Script
text/html 2a05:f500:11:101::b93f:9001
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkedin.com/countserv/count/share?format=jsonp&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&callback=linkedinjsonpcallbackkzurmu&_=1573915838261
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9001 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 129 B
371 B 117ms
103ms Script
application/javascript 151.101.112.84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?callback=jQuery110208136248744252663_1573915838262&source=6&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&_=1573915838263

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

bf817ab14700e4b362dbfca18dbdd2528283a68bba7803f0da70303a61ccaa1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pinterest-host: widgets.pinterest.com
date: Sat, 16 Nov 2019 14:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 7387360335082604
expires: Sat, 16 Nov 2019 15:05:39 GMT

GET
H2

200

button_info.json Show response
www.reddit.com/
Redirect Chain

https://reddit.com/button_info.json?url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&jsonp=jQuery110208136248744252663_1573915838264&_=1573915838265
https://www.reddit.com/button_info.json?url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&jsonp=jQuery110208136248744252663_1573915838264&_=1573915838265

149 B
720 B

399ms
386ms

Script
application/javascript

151.101.113.140
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/button_info.json?url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&jsonp=jQuery110208136248744252663_1573915838264&_=1573915838265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

snooserv /

Resource Hash

bd9c166e0ee5af31991d531d48fa3b897ee7f3f001fb918505fa6a12330b0451

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:40 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 149
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4077-HHN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1573915840.746991,VS0,VE379
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

date: Sat, 16 Nov 2019 14:50:39 GMT
via: 1.1 varnish
server: snooserv
x-timer: S1573915840.710601,VS0,VE0
x-served-by: cache-fra19153-FRA
status: 301
x-cache: HIT
location: https://www.reddit.com/button_info.json?url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&jsonp=jQuery110208136248744252663_1573915838264&_=1573915838265
cache-control: private, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb44a5e28b65adaa17b5db1f931e4681ae8103a5f194b8c0704ecc5611a83bb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f8dc7d01741f0ce36869304c3879f39798277cd03bba4c2f6ab49d72d890258

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
www.facebook.com/tr/ 44 B
151 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=903227543120584&ev=Microdata&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&rl=&if=false&ts=1573915839733&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Server%20Message%20Block%3A%20SMB%20Relay%20Attack%20(Attack%20That%20Always%20Works)%20%7C%20CQURE%20Academy%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.11&r=stable&ec=1&o=30&fbp=fb.1.1573915838204.1967924836&it=1573915838061&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Sat, 16 Nov 2019 14:50:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/0.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 16 Nov 2019 14:50:39 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sat, 16 Nov 2019 14:50:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 16 Nov 2019 14:50:39 GMT

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
237 B 183ms
183ms XHR
application/json 52.34.133.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

GET
H2 200 features Show response
sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/ 3 KB
1 KB 192ms
191ms XHR
application/json 52.34.133.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/features?site_id=14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

cef0427b6e047c2ad3394c51530c795a835df54637602c4d1768cb49758f62e9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
X-Sumo-Auth: zuoDMGHjgcCDqCYrV0lr1A7A

Response headers

date: Sat, 16 Nov 2019 14:50:40 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
etag: "-1421097924"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H2 200 features Show response
sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/ 3 KB
1 KB 191ms
191ms XHR
application/json 52.34.133.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/features?site_id=14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

cef0427b6e047c2ad3394c51530c795a835df54637602c4d1768cb49758f62e9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
X-Sumo-Auth: zuoDMGHjgcCDqCYrV0lr1A7A

Response headers

date: Sat, 16 Nov 2019 14:50:40 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
etag: "-1421097924"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
237 B 199ms
198ms XHR
application/json 52.34.133.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 16 Nov 2019 14:50:39 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
237 B 190ms
190ms XHR
application/json 52.34.133.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 16 Nov 2019 14:50:40 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 sumo-convert
micro-cdn.sumo.com/image-resize/ 69 KB
70 KB 36ms
10ms Image
image/webp 89.187.169.79
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://micro-cdn.sumo.com/image-resize/sumo-convert?uri=//media.sumo.com/6f9668e1f5ac369380dff7f0c9d3b7864cca7c0a49d4eb8ca6acfec44765ddc7&supported=webp,webp.alpha,webp.animation,webp.lossless&hash=901cc679984630adf26971d38804cd72802cdbfbd6cae0cdbc2b44ba596dc3a4&format=webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.79 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: edge-540.b-cdn.net
Software: BunnyCDN-DE1-540 / Express
Resource Hash: 0d1cabd488ce8ff50dc83b94b5fb5f01073adec598b717ccc76947c4ee9a9b38

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 14:50:40 GMT
server: BunnyCDN-DE1-540
x-powered-by: Express
status: 200
cdn-edgestorageid: 540
content-type: image/webp
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-pullzone: 31536
cdn-cachedat: 2019-10-29 07:48:07
cdn-requestid: 47da67e08884554c662533ffb9550a86
cdn-requestcountrycode: DE

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
237 B 193ms
193ms XHR
application/json 52.34.133.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 16 Nov 2019 14:50:40 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=368491064&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&ul=en-us&de=UTF-8&dt=Server%20M...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80845917-1&cid=1747239934.1573915848&jid=786457979&_gid=2069087816.1573915848&gjid=370877583&_v=j79&z=2080909965
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1747239934.1573915848&jid=786457979&_v=j79&z=2080909965
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1747239934.1573915848&jid=786457979&_v=j79&z=2080909965&slf_rd=1&random=2056591205

42 B
109 B

31ms
31ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1747239934.1573915848&jid=786457979&_v=j79&z=2080909965&slf_rd=1&random=2056591205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Nov 2019 14:50:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Nov 2019 14:50:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1747239934.1573915848&jid=786457979&_v=j79&z=2080909965&slf_rd=1&random=2056591205
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 09:35:27	Name: NID Value: 191=RFYKW6ZMtLvIFDHChe4XF27Y3x8bzLYamKdGqZjl6QUu1L6f0oZEWjZcpcJhk3Uhz3d6saQyEgwV-H7NxTHlV5bLKQ7o2Nl0htEEV0SVoCQ9RK5Az5sPtUDc8oLUmFKCyhKiavsBd4KdB8OGpGe0bH7jOMx9q7ORJ28pEOLwLJE
.youtube.com/	1970-01-19 05:11:57	Name: GPS Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: xJXn0h-Swmk
.youtube.com/	1970-01-19 11:02:33	Name: PREF Value: f1=50000000
.youtube.com/	1970-01-19 09:31:07	Name: VISITOR_INFO1_LIVE Value: dp3KmntFGx4
.twitter.com/	1970-01-19 22:43:07	Name: personalization_id Value: "v1_fcuThV+6UVydSZCRf940JA=="
cqureacademy.com/	1970-01-19 13:57:31	Name: __smToken Value: zuoDMGHjgcCDqCYrV0lr1A7A
.cqureacademy.com/	1970-01-19 05:11:55	Name: _gat_UA-80845917-1 Value: 1
cqureacademy.com/	1970-01-25 20:29:45	Name: vid Value:
.cqureacademy.com/	1970-01-19 05:13:22	Name: _gid Value: GA1.2.469899587.1573915838
cqureacademy.com/	1970-01-25 20:29:45	Name: sess_ Value: 0z32rtr5w8wk6tfcn6wn
cqureacademy.com/	1970-01-25 20:29:45	Name: referral_page Value:
.facebook.com/	1970-01-19 07:21:31	Name: fr Value: 0wSZbYgNSfI5Wkkhn..Bd0Ay-...1.0.Bd0Ay-.
cqureacademy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fb6fe20bcae241b683487053f7ce5cba
.cqureacademy.com/	1970-01-19 22:43:07	Name: _ga Value: GA1.2.303054163.1573915838
.cqureacademy.com/	1970-01-19 07:21:31	Name: _gcl_au Value: 1.1.1697720858.1573915838
cqureacademy.com/	1970-01-25 20:29:45	Name: lastvisit Value: 1573915838
.cqureacademy.com/	1970-01-19 07:21:31	Name: _fbp Value: fb.1.1573915838204.1967924836
cqureacademy.com/blog/penetration-testing	1970-01-19 05:55:07	Name: __smVID Value: a43a14df6971323ae0633e5a72fa01f7d0d1fe8498bfc4754317fc16472a8b39

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js(Line 19) Message: Query variable %s not found sumotoken
console-api	log	URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js(Line 1) Message: install sumo badge...
console-api	log	URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js(Line 19) Message: Query variable %s not found sumopath
console-api	error	URL: https://cdn.getmoreproof.com/embed/latest/proof.js?1573915839060(Line 1) Message: You are using an old version of the Proof pixel which is no longer supported. Please replace this code with the new version https://help.useproof.com/setup/how-to-switch-to-the-new-pixel
console-api	info	URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js(Line 1) Message: CREATING SANDBOX FOR services/index/#services/index
console-api	info	URL: https://load.sumo.com/78.fde4d176e489cfa75ee1.js(Line 1) Message: CREATING SANDBOX FOR 156085c5-0017-4150-b225-a731ad248f38/service/#156085c5-0017-4150-b225-a731ad248f38/service
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: rendering share...
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: rendering for desktop...
console-api	log	URL: https://load.sumo.com/14.fde4d176e489cfa75ee1.js(Line 1) Message: style buffer update...
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: buffer
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: facebook
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: facebooklike
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: googleplus
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: linkedin
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: pinterest
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: reddit
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: yummly
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: googleplus: 0
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: pinterest: 0
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: reddit: 0
console-api	log	URL: https://load.sumo.com/18.fde4d176e489cfa75ee1.js(Line 1) Message: buffer: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com
a.quora.com
ajax.googleapis.com
alb.reddit.com
analytics.twitter.com
api.bufferapp.com
api.facebook.com
app.ontraport.com
cdn.getmoreproof.com
cdn.onesignal.com
clients6.google.com
connect.facebook.net
cqure.ontraport.com
cqureacademy.com
fonts.googleapis.com
fonts.gstatic.com
forms.ontraport.com
graph.facebook.com
load.fomo.com
load.sumo.com
micro-cdn.sumo.com
optassets.ontraport.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
q.quora.com
reddit.com
s.ytimg.com
snap.licdn.com
static.ads-twitter.com
staticxx.facebook.com
stats.g.doubleclick.net
sumo.com
t.co
widgets.pinterest.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.reddit.com
www.youtube.com
104.16.21.19
104.18.166.29
104.198.110.226
104.244.42.131
104.244.42.5
151.101.112.157
151.101.112.84
151.101.113.140
151.101.113.2
151.101.129.140
209.170.211.179
2600:9000:2156:ce00:a:6697:8180:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:30::6812:22a2
2606:4700::6812:e234
2a00:1450:4001:800::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:817::200a
2a00:1450:4001:818::2004
2a00:1450:4001:819::2003
2a00:1450:4001:81b::2008
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9a
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:299::25eb
2a02:6ea0:cf04::2
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
3.223.182.220
52.202.120.185
52.34.133.113
89.187.169.79
94.31.29.96
0024318f248b8f44b0ac665a5285a8277d4275129d03f5fa1da9ee980beec1b4
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
080809ddd5787387961416ee9e961e51066246556e47836c8b385630a80dd8be
0943f5876d184d55a66ac0c4989659a5dd98682fab8c5ab4d9ee5e624840317d
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
0ab6f946421111c85e299fa150e198410fc47c577efc815f204dbd116953c140
0ba1663b2c9bb708cbf55f9ded3de52c7397660dbc7b93d333551ac941695075
0d1cabd488ce8ff50dc83b94b5fb5f01073adec598b717ccc76947c4ee9a9b38
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
13e8f2d3dc00c872c223ca8678ffd69c12105334f2a1eb372a39470342a8f315
13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43
17e806417f302ed4a74c980ffde96df0d7535af0f215e97214a1cb8ee3a017ed
18b2a5aaef6a7f94c7d7e5f6cfa575892c3cdb44e7888e7096c7e67ae8b57053
1d0194204c2d3c2f02e0dd61ac75a7db82bf71749b8f9947adaf9145c26ba6ab
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ef0a96be1cfde52782ee9ddc0ef36f4bc1a72943c5de56fcf2a5ce677ec8a70
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
22ce7dd45d8a91a16e53255919ccf2c5bfca042a338ad6289830dee7d1676d84
245b50374a899db5d5bbe7f2f39386fbb882a47fa4ec5aa963228f4bcf7cdf31
252f563b05537cd837045b9184bdf4191740afb8ea503b4e1371f064cf082354
275fe7d757e1f7060357961110754bc56200b2eec0aece2ae009a3827131e170
29af56b62112eef5e5b0547812f2b093b6a8db2be7bc31fa9a1ae634026f4c1a
2bf2f8d980b3466bc479869776c7e22944d789cf5c1fc82e37a9cf3d8c171277
2cc358f06dc7a068cc0b177cfdbea09cf517681bb4fdca354b8ba13268b60851
2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972
2dd0eb5e44c81a864cd68e633a69701248b9298b0dc7eb2c75e67e2b1c19b4bc
2df44d8b29a890ddef74094a454f9043573ea1b22e61e25dad772085dd1b7a59
308b1eee7a3334b8b7b0278128609357f58ee3e5ffe668e5c37b201815547ca6
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
38bafbc629255090475a0ff2769aabac6e2864c99fbfc4208d4adbf954f8c452
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e
3cebdaf28b2bb010b471749f443a6ad85dac9c3915a05e7d6685de37392cb588
3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434
3f3cd545367485ba660229234b213f845bea2841f41c580b005cb46e26605987
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43cfd18499dc36719f7dd66b2b30aa62fbfc7dcd6861817d19a61c0a159c7403
44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd
452d04e57441eabb91f2a301c715b7d0f76167d585d6c01341ea819118d925e2
46636d8106a55c20c57d84c69f60293f58f3bb4d9d174720e510450c01aa9df0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4f8dc7d01741f0ce36869304c3879f39798277cd03bba4c2f6ab49d72d890258
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224
5423a8eb065ad74539056dcd00ec57a155f134a6bb94338bac06167d517db2cb
543c7142a0625b3ae2e5dcfa6226b98f498cc81503c526b5a36948be087ebb5f
5487a6f59506a25686adc1bdad7ff4be9545349ddc7aadb0bfaa515ae3cf1244
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789
5740666b44e1a8b08bc837088100fd26ed47d8af036f0ee9b987a4e154c2d4bd
58fba833efd4cb86a92cafb8ea091ffeadd0a6e5362a8d6413035c89fbe1c860
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5df469a6e1876e709ce0e75537541695caebfd9bfb5222840e2685a83895cec3
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
61d919573a1cf2539b7e2033dd8a8d9cca1363e429d20b52178dafc676f8b2e9
6261ba033015b27da31749faaf492851fdbf4f1f8421404a25f2002e5228290e
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6db9f3631ed5d4253d68945e3db6fca861de9dfc6213932f2e63a5c8ca3ff807
6f726d8c8299e58d46aeb6c01d88cd8afd6e69aa4a1346881de1492ff2575949
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
77a5ec27e758b7c9bff23ef4f45200fe298fb51fe8ad87c008edc51b73442e33
77e1bf0857817f69d99968da0a4b99fa52c79bb8bbed3e3bf886a232c5ee0832
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8289ed784e4285911ff9a7026d0edd50cab5adb0888824ce5e0e39b83816068d
8434f935ec85281ba218321c12a5f28ce2eb9204aaf9694cdafc3691cf7fa56b
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
8c45ec0e9063feac05718301a772941ab47f8e509a87ce3ee5d523cf61d3ad96
8f73acea2f431f8cb870e52e70e361d58848984334cbc2853d2c9feb1d111fdc
9182a546655c16d5acb6103b1158a47c87ac239c03386e9200277c937a0ee6a7
96187aeadbd3138f31cb6b4da9bb73b4f3e952a9d633c3ca60b033aea30b2c64
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
96c058969978510f921d90fa989287aff3fbb0c4d0312a15df5bd164c09065da
96dfa580986db416a0669725412182121c477c7fd7a164bfe79ba17bfbcdb078
9a9285426a94bb895f4e1b03b7686dd49eeb765708f544b21ab375817cd58169
9c0094a6b8b2c1188e3202bffd0a23bf1e8d852fc26d74b02d0fb2f52903e6d7
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
9f7ccf3699372fb6fdf48a97069e636541eb5e2f34e7c6d29518ceb5dfb4b839
a2b113be19e119bb84d4d396edf9926101dd13fbd381ca857af13037f4976d29
a5577b181c7b96a6f503a457c50132a00c5aab30029de6ac6054a4f9fb4723ad
a62bc760a8fb96ac25892b4f2326450b2a14c8e79f58959a275c9c3e6a6d2fb3
a7260c89998dba51ffa677ea4292848fa9a3d364b013cb5ed5808976b42e02ec
a9ab21501c829516d91901c1f04da862d095aeb9e5019360aed6624920edd882
abbd792e20f71ea64e99928b3b9eac8c4052f3c4cbf6841e819aedadf19dd777
abde1a6237ed5d1c1ed7bebff3392073055e99fa6debe4abbd57c6ffdf3e43ae
ac212158a335abe8eed52a0950981a4aba012d70032cd0486835046a3fc0df53
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af1bab56d87fbfde747a14ac0ba5ff323f50b7e6bd2d5ac49ef059994bba4533
b195b421eafc80f00471e0357daf039b5b1452ad7eef28fd4c5dfa1dc927c845
b5ffce5cc19ac1e8f91222bddeedd7fef54e973a65579eb84ad5e5fb23e37eb8
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b950f2899a41a8d45990d37c200c61641f5a79fbc007bf478b5144e96f0fadb9
babd36a2da0a94172346873c11e2eb098205dfa23b553eda3d3fc7c180b1dc13
bbac0d59459d4bc70301e3427a2188a2acd9bfb264dc93c806847a1c14bef142
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bd536bda12f3412d79f47f4aab0d693fd32cfa3fcbefbebcecde78c8116274bf
bd9c166e0ee5af31991d531d48fa3b897ee7f3f001fb918505fa6a12330b0451
bde640de5fbcb53d6cf5bfaf352427d6371c08ae925c1ef74d18631852c4fba4
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0
bf817ab14700e4b362dbfca18dbdd2528283a68bba7803f0da70303a61ccaa1e
c06d3388152ecac303ec82b605cfa5768e404668e0fc92cb0f66d31025e1d832
c27cd5a59a652eb68cd1b2748f83e6686a41cb6876ff65c7943ca2b59a974cc0
c2e273d2979485e959a68f54d1b5454697230d55f60dd40f12f416f591451cd5
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1
c7a88f5fec0eea772140c9df42cc36c96e9ccdd0a98e35c2ca04259e09f5611c
c8f8697a2259a036a6529be8a576ff97454f5be7d40758ac9377fe3c2f4edbc7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdc32aafdb46e903c85c178df5f250e8d90f88007643e1e492788d39fe4902b0
ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
cef0427b6e047c2ad3394c51530c795a835df54637602c4d1768cb49758f62e9
d350f4bb79509c72e6f6f2e129d474727adb21d18950f2e64a42d094faaba50f
d43d91fe7a63061274c03685a82d12a2f1e15fce24fe4699231fcab4038a56b3
d7cab659e3400afdb91ad13d5fea2fcd51025c85c1f25be6945a8e66429902d5
d823724223a6b02b655f758436b570e3d2f5da12a4431a10eba167385edac476
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcbbf43562c4706b7646cddf34ee2f45e86b70dcff680f65287a15391bb0f272
ddaae4c5889faa19749c6e40b1d878c1e269708e2fd4d4dd2b50563b46de2615
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0eea8468ceebe702396d5e7dab203d3fc6e61d9bce8ffa8b2096472f977bb38
e2210d6ac94a06c7a1f14dff4babd1971a6a45e0f8691e807d0df8c595a8137f
e3b077ffed74a8bd3fa19a6b276771c2a6f0d4df00bd3eea81078294fe3b3600
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a7af0f19adf1cf7d67e8fbecad6713ec9cde539f7dc5d134544366679e521
e5cd5c6afc45bab3a8dd7a1645b94a8b4598d03e0607bb145478deae02928cf4
e5ef2e0fd81e377e8b9dac5cce525908836c9a93ed998d567b8878112b3c7716
e9e851223ba959dd311e6a67983855ea258cc6d5bda5a6a62b97fccaaa8b5365
eb44a5e28b65adaa17b5db1f931e4681ae8103a5f194b8c0704ecc5611a83bb3
ecc2dc58ccbe0c654faa36f6c86de15eb09b7b0e99820d1b2c4efa5c317d5f3b
ef00d67e59b19eea79a2e8bf067d8910c6697de339adaee79d2856e2fdd0d760
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
f49eecab4bcd973ef8095d89c112e06bfea9abd6e0c112cf2c5cc822f10f3184
f4b43899402b4c787457e1275ad825ff389fb54fc3fe146f9203e727d4aded61
f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9
fa768817b962146f574bf507b3f5a5a3bf552fe2bd9593591fcfc8fe1fc6080c
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29

cqureacademy.com Open in urlscan Pro 104.198.110.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

144 Requests

99 %HTTPS

59 %IPv6

27 Domains

44 Subdomains

38 IPs

6 Countries

3079 kBTransfer

8574 kBSize

19 Cookies

6 Outgoing links

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cqureacademy.com Open in urlscan Pro
104.198.110.226 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

99 %
HTTPS

59 %
IPv6

27
Domains

44
Subdomains

38
IPs

6
Countries

3079 kB
Transfer

8574 kB
Size

19
Cookies

144 HTTP transactions
13 data transactions