URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Submission: On November 16 via api from DE

Summary

This website contacted 38 IPs in 6 countries across 28 domains to perform 144 HTTP transactions.
The main IP is 104.198.110.226, located in Mountain View, United States and belongs to GOOGLE - Google LLC, US. The main domain is cqureacademy.com.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on June 20th 2019. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

This site contains links to these domains.

Domain
www.facebook.com
www.youtube.com
twitter.com
github.com
telegram.me

Subject | Issuer | Validity | Valid
cqureacademy.com | GlobalSign Extended Validation CA - SHA256 - G3 | 2019-06-20 - 2020-07-24 | a year
*.googleapis.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.netdna-ssl.com | Sectigo RSA Domain Validation Secure Server CA | 2019-02-18 - 2020-02-27 | a year
*.ontraport.com | Go Daddy Secure Certificate Authority - G2 | 2019-10-23 - 2020-11-21 | a year
ssl898578.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-10-11 - 2020-04-18 | 6 months
www.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-11-06 - 2020-02-04 | 3 months
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-11-18 | a year
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2018-07-11 - 2020-07-15 | 2 years
sni149738.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-26 - 2020-04-03 | 6 months
quora.com | Let's Encrypt Authority X3 | 2019-10-25 - 2020-01-23 | 3 months
alb.reddit.com | Amazon | 2019-05-20 - 2020-06-20 | a year
*.google-analytics.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.quora.com | Let's Encrypt Authority X3 | 2019-09-30 - 2019-12-29 | 3 months
ads-twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-08-14 - 2020-08-18 | a year
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years
*.sumo.com | Go Daddy Secure Certificate Authority - G2 | 2018-11-17 - 2020-01-16 | a year
www.google.de | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2019-05-29 - 2021-06-29 | 2 years
t.co | DigiCert SHA2 High Assurance Server CA | 2019-04-09 - 2020-04-01 | a year
*.twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-04-09 - 2020-04-01 | a year
*.getmoreproof.com | Amazon | 2018-01-22 - 2019-02-22 | a year
cqure.ontraport.com | Let's Encrypt Authority X3 | 2019-10-05 - 2020-01-03 | 3 months
api.bufferapp.com | DigiCert SHA2 Secure Server CA | 2018-07-11 - 2020-07-15 | 2 years
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2018-05-30 - 2020-09-01 | 2 years
*.pinterest.com | DigiCert SHA2 High Assurance Server CA | 2019-06-05 - 2020-07-22 | a year
*.reddit.com | DigiCert SHA2 Secure Server CA | 2018-08-17 - 2020-09-02 | 2 years

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i


144 HTTP transactions

content-encoding
gzip
last-modified
Tue, 28 Nov 2017 09:01:06 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d25d2-4c1c"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js?ver=5.2.4
ajax.googleapis.com/ajax/libs/jquery/3.1.0
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js?ver=5.2.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 16:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340311
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30211
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Nov 2020 16:18:46 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3018
etag
W/"967648c5f43f1acc3f64970983a5d03f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
536a474188ebcbc4-VIE
expires
Sun, 17 Nov 2019 02:50:37 GMT
logo.svg
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images
6 KB
3 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/logo.svg
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
fa768817b962146f574bf507b3f5a5a3bf552fe2bd9593591fcfc8fe1fc6080c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 09:00:12 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d259c-183b"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
smb-relay-attack-e1535975746446.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09
86 KB
86 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-e1535975746446.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
abde1a6237ed5d1c1ed7bebff3392073055e99fa6debe4abbd57c6ffdf3e43ae

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Mon, 03 Sep 2018 11:55:46 GMT
server
NetDNA-cache/2.2
status
200
etag
"5b8d2142-15829"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
88105
smb-relay-attack-2-780x282.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09
50 KB
50 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-2-780x282.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e3b077ffed74a8bd3fa19a6b276771c2a6f0d4df00bd3eea81078294fe3b3600

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Thu, 29 Sep 2016 18:19:14 GMT
server
NetDNA-cache/2.2
status
200
etag
"57ed5b22-c692"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
50834
smb-relay-attack-3-780x413.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09
427 KB
428 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-3-780x413.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
0943f5876d184d55a66ac0c4989659a5dd98682fab8c5ab4d9ee5e624840317d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 21 Oct 2016 15:37:27 GMT
server
NetDNA-cache/2.2
status
200
etag
"580a3637-6abd9"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
437209
smb-relay-attack-4-e1473335768883.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09
122 KB
123 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-4-e1473335768883.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
22ce7dd45d8a91a16e53255919ccf2c5bfca042a338ad6289830dee7d1676d84

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 21 Oct 2016 15:37:05 GMT
server
NetDNA-cache/2.2
status
200
etag
"580a3621-1e96f"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
125295
smb-relay-attack-5.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09
221 KB
221 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-5.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
96c058969978510f921d90fa989287aff3fbb0c4d0312a15df5bd164c09065da

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 21 Oct 2016 15:36:49 GMT
server
NetDNA-cache/2.2
status
200
etag
"580a3611-37421"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
226337
smb-relay-attack-6-e1535975854840.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09
176 KB
177 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/09/smb-relay-attack-6-e1535975854840.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2df44d8b29a890ddef74094a454f9043573ea1b22e61e25dad772085dd1b7a59

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Mon, 03 Sep 2018 11:57:46 GMT
server
NetDNA-cache/2.2
status
200
etag
"5b8d21ba-2c0e7"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
180455
hi.jpg
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images
46 KB
46 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/hi.jpg
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
bde640de5fbcb53d6cf5bfaf352427d6371c08ae925c1ef74d18631852c4fba4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Tue, 28 Nov 2017 09:00:11 GMT
server
NetDNA-cache/2.2
status
200
etag
"5a1d259b-b799"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
47001
genjs-v3.php?html=false&uid=p2c104117f5
forms.ontraport.com/v2.4/include/formEditor
5 KB
2 KB
Script
General
Full URL
https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.21.19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df469a6e1876e709ce0e75537541695caebfd9bfb5222840e2685a83895cec3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:38 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
pragma
no-cache
x-op-what
what
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
536a4741b9eadff7-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
wp-emoji-release.min.js?ver=5.2.4
/wp-includes/js
14 KB
5 KB
Script
General
Full URL
https://cqureacademy.com/wp-includes/js/wp-emoji-release.min.js?ver=5.2.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.198.110.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
226.110.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Mon, 08 Apr 2019 05:22:51 GMT
server
nginx
status
200
etag
W/"5caadaab-3610"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
woocommerce-smallscreen.css?ver=3.7.1
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css
7 KB
1 KB
Stylesheet
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.7.1
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Mon, 14 Oct 2019 16:16:06 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5da49f46-1a66"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
tracking.js?ver=5.2.4
optassets.ontraport.com
10 KB
3 KB
Script
General
Full URL
https://optassets.ontraport.com/tracking.js?ver=5.2.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.21.19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd536bda12f3412d79f47f4aab0d693fd32cfa3fcbefbebcecde78c8116274bf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4838
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-op-release
3
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
536a47425befdff7-FRA
expires
Sat, 16 Nov 2019 18:50:37 GMT
scripts.js?ver=5.1.4
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/contact-form-7/includes/js
14 KB
4 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 03 Sep 2019 09:32:12 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5d6e331c-3868"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.blockUI.min.js?ver=2.70
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui
9 KB
4 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Mon, 14 Oct 2019 16:16:06 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5da49f46-255e"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
js.cookie.min.js?ver=2.1.4
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/js-cookie
2 KB
1 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Mon, 14 Oct 2019 16:16:06 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5da49f46-736"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
woocommerce.min.js?ver=3.7.1
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend
1 KB
870 B
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.7.1
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Mon, 14 Oct 2019 16:16:06 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5da49f46-5c0"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cart-fragments.min.js?ver=3.7.1
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend
3 KB
1 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.7.1
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Mon, 14 Oct 2019 16:16:06 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5da49f46-b7c"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
api.js?render=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&ver=3.0
www.google.com/recaptcha
763 B
595 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&ver=3.0
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
8c45ec0e9063feac05718301a772941ab47f8e509a87ce3ee5d523cf61d3ad96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
497
x-xss-protection
1; mode=block
expires
Sat, 16 Nov 2019 14:50:37 GMT
bootstrap.min.js?ver=3.1.1
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor
28 KB
8 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/bootstrap.min.js?ver=3.1.1
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 09:01:05 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d25d1-71b6"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
owl.carousel.js?ver=3.1.1
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor
44 KB
11 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/owl.carousel.js?ver=3.1.1
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5487a6f59506a25686adc1bdad7ff4be9545349ddc7aadb0bfaa515ae3cf1244

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 09:01:06 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d25d2-b025"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
owl.navigation.js?ver=3.1.1
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor
10 KB
3 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/owl.navigation.js?ver=3.1.1
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
d7cab659e3400afdb91ad13d5fea2fcd51025c85c1f25be6945a8e66429902d5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 09:01:06 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d25d2-2961"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
js.cookie.js?ver=3.1.1
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js
4 KB
2 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/js.cookie.js?ver=3.1.1
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 09:00:19 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d25a3-f20"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sdk.js?ver=5.2.4
connect.facebook.net/en_US
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?ver=5.2.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d350f4bb79509c72e6f6f2e129d474727adb21d18950f2e64a42d094faaba50f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hR/YLgJ9MC451qhhWbCSYA==
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
1779
etag
"a306116e5bd3bb0be314f892299c6eae"
x-fb-debug
R0i4jIBOHSK3pazUXiCUti3NueMwnUkCSamkR9Re65diOTiWHvFBtGUdeHsPRYfge/qS5vCsd/NJsvDLAfpGJQ==
x-fb-trip-id
420120009
x-fb-content-md5
4fde0ac3a1007fdb8ba5e7e9dacdf726
x-frame-options
DENY
date
Sat, 16 Nov 2019 14:50:37 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 16 Nov 2019 14:59:52 GMT
widgets.js?ver=5.2.4
platform.twitter.com
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js?ver=5.2.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A9) /
Resource Hash
f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 16 Nov 2019 14:50:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Oct 2019 23:03:20 GMT
Server
ECS (fcn/41A9)
Etag
"dbb5834a50c19a7a8e3ad3ae8f1c1329+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28705
in.js?ver=5.2.4
platform.linkedin.com
181 KB
55 KB
Script
General
Full URL
https://platform.linkedin.com/in.js?ver=5.2.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:299::25eb , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Play /
Resource Hash
9a9285426a94bb895f4e1b03b7686dd49eeb765708f544b21ab375817cd58169

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-LI-UUID
/4E+jW6p1xWQ843s6ioAAA==
Date
Sat, 16 Nov 2019 14:50:37 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
Server
Play
X-Li-Pop
prod-ech2
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Connection
keep-alive
X-LI-Proto
http/1.1
Content-Length
55596
X-CDN
AKAM
X-Li-Fabric
prod-lva1
Expires
Sat, 16 Nov 2019 15:01:27 GMT
plugins.js?ver=5.2.4
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js
45 KB
12 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/plugins.js?ver=5.2.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8289ed784e4285911ff9a7026d0edd50cab5adb0888824ce5e0e39b83816068d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 09:00:19 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d25a3-b520"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.flip.min.js?ver=5.2.4
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js
5 KB
2 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/jquery.flip.min.js?ver=5.2.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
080809ddd5787387961416ee9e961e51066246556e47836c8b385630a80dd8be

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Sat, 22 Sep 2018 11:47:31 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5ba62bd3-1432"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
main.js?ver=1.83
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js
7 KB
3 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/main.js?ver=1.83
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e5cd5c6afc45bab3a8dd7a1645b94a8b4598d03e0607bb145478deae02928cf4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Sat, 22 Sep 2018 12:19:10 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5ba6333e-1ca9"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
courses.js
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js
4 KB
1 KB
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/courses.js
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ac212158a335abe8eed52a0950981a4aba012d70032cd0486835046a3fc0df53

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 09:00:19 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d25a3-1193"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js?ver=5.2.4
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js
1 KB
1004 B
Script
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.2.4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Thu, 30 Aug 2018 12:40:26 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5b87e5ba-57b"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
load.js
load.fomo.com/api/v1/D0-mndMM1SvdX5rGnwAssw
71 KB
19 KB
Script
General
Full URL
https://load.fomo.com/api/v1/D0-mndMM1SvdX5rGnwAssw/load.js
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:22a2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5577b181c7b96a6f503a457c50132a00c5aab30029de6ac6054a4f9fb4723ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:38 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
f-cache
hit
status
200
content-encoding
br
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-request-id
d4042311-d916-4493-9d24-30947a240baf
x-runtime
0.003697
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
f-script
load.js
etag
W/"a5577b181c7b96a6f503a457c50132a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-download-options
noopen
content-type
text/javascript; charset=utf-8
cache-control
max-age=5, public, s-maxage=18000
cf-ray
536a47432f51cbc4-VIE
lato-regular-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts
22 KB
22 KB
Font
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/lato-regular-webfont.woff2
Requested by
Host: 4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com
URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js?ver=5.2.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b950f2899a41a8d45990d37c200c61641f5a79fbc007bf478b5144e96f0fadb9

Request headers

Sec-Fetch-Mode
cors
Referer
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin
https://cqureacademy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 08:59:58 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d258e-5728"
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
qevents.js
a.quora.com
39 KB
14 KB
Script
General
Full URL
https://a.quora.com/qevents.js
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding
gzip
etag
"f32ebb1e93a72c0a57add6d07f688510"
age
4576
x-cache
HIT
status
200
content-length
13681
x-amz-id-2
ROlPB0VFZ5GcsrT1Q7dXMbq5qidgEYG3ywjUTU60lv0RHGTf69uSQDfokYfUnMKfQKdVPOW0P7g=
x-served-by
cache-hhn4047-HHN
last-modified
Fri, 25 Oct 2019 19:28:38 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer
S1573915838.919075,VS0,VE0
date
Sat, 16 Nov 2019 14:50:37 GMT
vary
Accept-Encoding
x-amz-request-id
78993FBD89C62755
via
1.1 varnish
cache-control
max-age=7200
accept-ranges
bytes
content-type
text/plain
x-cache-hits
1072
snoo.gif?q=CAAHAAABAAoACQAAACrwE7EkAA==&s=367ckLEAUP9BdYsbCWEB-aL7h-YEiIWCv5ghuJ2RucQ=&ts=1573915837897
alb.reddit.com
35 B
316 B
Image
General
Full URL
https://alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAACrwE7EkAA==&s=367ckLEAUP9BdYsbCWEB-aL7h-YEiIWCv5ghuJ2RucQ=&ts=1573915837897
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.182.220 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-223-182-220.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 16 Nov 2019 14:50:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
gtm.js?id=GTM-5BK3X4
www.googletagmanager.com
126 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5BK3X4
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
452d04e57441eabb91f2a301c715b7d0f76167d585d6c01341ea819118d925e2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
br
last-modified
Sat, 16 Nov 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
34202
x-xss-protection
0
expires
Sat, 16 Nov 2019 14:50:37 GMT
ctLVMi1_zBc?rel=0&showinfo=0
www.youtube.com/embed
0
0
Document
General
Full URL
https://www.youtube.com/embed/ctLVMi1_zBc?rel=0&showinfo=0
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/ctLVMi1_zBc?rel=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Sat, 16 Nov 2019 14:50:38 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=dp3KmntFGx4; path=/; domain=.youtube.com; expires=Thu, 14-May-2020 14:50:37 GMT; httponly VISITOR_INFO1_LIVE=dp3KmntFGx4; path=/; domain=.youtube.com; expires=Thu, 14-May-2020 14:50:37 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Fri, 17-Jul-2020 02:43:38 GMT YSC=xJXn0h-Swmk; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 16-Nov-2019 15:20:37 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cqure-news.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/12
783 B
1009 B
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/12/cqure-news.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
cdc32aafdb46e903c85c178df5f250e8d90f88007643e1e492788d39fe4902b0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 07 Dec 2018 14:32:36 GMT
server
NetDNA-cache/2.2
status
200
etag
"5c0a8484-30f"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
783
cybersecurity-talk3.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11
2 KB
3 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/cybersecurity-talk3.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
a2b113be19e119bb84d4d396edf9926101dd13fbd381ca857af13037f4976d29

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 16 Nov 2018 15:48:05 GMT
server
NetDNA-cache/2.2
status
200
etag
"5beee6b5-9bc"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2492
forensics2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11
965 B
1 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/forensics2.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
d43d91fe7a63061274c03685a82d12a2f1e15fce24fe4699231fcab4038a56b3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 16 Nov 2018 15:58:35 GMT
server
NetDNA-cache/2.2
status
200
etag
"5beee92b-3c5"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
965
identity-theft-protection2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11
904 B
1 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/identity-theft-protection2.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
17e806417f302ed4a74c980ffde96df0d7535af0f215e97214a1cb8ee3a017ed

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 16 Nov 2018 15:58:48 GMT
server
NetDNA-cache/2.2
status
200
etag
"5beee938-388"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
904
ignite2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11
2 KB
2 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ignite2.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ef00d67e59b19eea79a2e8bf067d8910c6697de339adaee79d2856e2fdd0d760

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 16 Nov 2018 15:59:00 GMT
server
NetDNA-cache/2.2
status
200
etag
"5beee944-8bb"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2235
malware2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11
2 KB
3 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/malware2.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
3f3cd545367485ba660229234b213f845bea2841f41c580b005cb46e26605987

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 16 Nov 2018 15:59:13 GMT
server
NetDNA-cache/2.2
status
200
etag
"5beee951-91f"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2335
penetration-testing2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11
2 KB
2 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/penetration-testing2.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
dcbbf43562c4706b7646cddf34ee2f45e86b70dcff680f65287a15391bb0f272

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 16 Nov 2018 15:59:25 GMT
server
NetDNA-cache/2.2
status
200
etag
"5beee95d-8ad"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2221
secure-server2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11
2 KB
2 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/secure-server2.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
1ef0a96be1cfde52782ee9ddc0ef36f4bc1a72943c5de56fcf2a5ce677ec8a70

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 16 Nov 2018 15:59:38 GMT
server
NetDNA-cache/2.2
status
200
etag
"5beee96a-6e2"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1762
securing-infrastructure2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11
2 KB
2 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/securing-infrastructure2.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2cc358f06dc7a068cc0b177cfdbea09cf517681bb4fdca354b8ba13268b60851

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 16 Nov 2018 15:59:52 GMT
server
NetDNA-cache/2.2
status
200
etag
"5beee978-7f7"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2039
server-monitoring2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11
960 B
1 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/server-monitoring2.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
77a5ec27e758b7c9bff23ef4f45200fe298fb51fe8ad87c008edc51b73442e33

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 16 Nov 2018 16:00:06 GMT
server
NetDNA-cache/2.2
status
200
etag
"5beee986-3c0"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
960
system-internals2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11
871 B
1 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/system-internals2.png
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
c2e273d2979485e959a68f54d1b5454697230d55f60dd40f12f416f591451cd5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Fri, 16 Nov 2018 16:02:36 GMT
server
NetDNA-cache/2.2
status
200
etag
"5beeea1c-367"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
871
newsletter.jpg
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images
128 KB
128 KB
Image
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/newsletter.jpg
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b195b421eafc80f00471e0357daf039b5b1452ad7eef28fd4c5dfa1dc927c845

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
last-modified
Tue, 28 Nov 2017 09:00:12 GMT
server
NetDNA-cache/2.2
status
200
etag
"5a1d259c-1fece"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
130766
cqure_icons.ttf?v=1.57
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts
19 KB
10 KB
Font
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/cqure_icons.ttf?v=1.57
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5423a8eb065ad74539056dcd00ec57a155f134a6bb94338bac06167d517db2cb

Request headers

Sec-Fetch-Mode
cors
Referer
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin
https://cqureacademy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 08:59:56 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d258c-4a78"
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
lato-bold-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts
22 KB
22 KB
Font
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/lato-bold-webfont.woff2
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f4b43899402b4c787457e1275ad825ff389fb54fc3fe146f9203e727d4aded61

Request headers

Sec-Fetch-Mode
cors
Referer
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin
https://cqureacademy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 08:59:57 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d258d-57b0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
lato-light-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts
22 KB
22 KB
Font
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/lato-light-webfont.woff2
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
babd36a2da0a94172346873c11e2eb098205dfa23b553eda3d3fc7c180b1dc13

Request headers

Sec-Fetch-Mode
cors
Referer
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin
https://cqureacademy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 08:59:58 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d258e-5680"
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
pixel?j=1&u=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&tag=ViewContent&ts=1573915837993
q.quora.com/_/ad/111122a0cd4b4ff782251b8f9d66a78b
43 B
455 B
Image
General
Full URL
https://q.quora.com/_/ad/111122a0cd4b4ff782251b8f9d66a78b/pixel?j=1&u=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&tag=ViewContent&ts=1573915837993
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.120.185 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-202-120-185.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 16 Nov 2019 14:50:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
81,22a253287d44d70cefe47d67adf8d729,10.0.0.96,39178,144.76.109.30,,11288064161,1,1573915838.301,0.002,,.,0,0,0.000,0.000,-,0,0,304,191,95,10,26847,,,,,,,
Content-Type
image/gif
analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BK3X4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1021
date
Sat, 16 Nov 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sat, 16 Nov 2019 16:33:37 GMT
fbevents.js
connect.facebook.net/en_US
122 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1d0194204c2d3c2f02e0dd61ac75a7db82bf71749b8f9947adaf9145c26ba6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
27344
x-xss-protection
0
pragma
public
x-fb-debug
KpRN/7HIVFp2/Fyunll4do8722702eudzeHQW4EsIdttLIGWnMqb1Du/t0Wl6390HHdgmkRrtQe+HT+gECXmPw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Sat, 16 Nov 2019 14:50:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:38 GMT
content-encoding
gzip
age
23854
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4034-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1573915838.044720,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
insight.min.js
snap.licdn.com/li.lms-analytics
3 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 16 Nov 2019 14:50:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=50675
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.1
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js
Requested by
Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 11:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358912
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33396
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Nov 2020 11:08:46 GMT
ec.js
www.google-analytics.com/plugins/ua
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2939
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1306
x-xss-protection
0
expires
Sat, 16 Nov 2019 15:01:39 GMT
load.gif
optassets.ontraport.com/opt_assets/images
13 KB
13 KB
Image
General
Full URL
https://optassets.ontraport.com/opt_assets/images/load.gif
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.21.19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ab21501c829516d91901c1f04da862d095aeb9e5019360aed6624920edd882

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://forms.ontraport.com/v2.4/include/minify/?g=moonrayCSS&ver=5.2.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:38 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
143849
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-op-release
3
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
536a4743cffbdff7-FRA
expires
Sat, 16 Nov 2019 15:50:38 GMT
raleway-bold-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts
18 KB
18 KB
Font
General
Full URL
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/raleway-bold-webfont.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
61d919573a1cf2539b7e2033dd8a8d9cca1363e429d20b52178dafc676f8b2e9

Request headers

Sec-Fetch-Mode
cors
Referer
https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin
https://cqureacademy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:38 GMT
content-encoding
gzip
last-modified
Tue, 28 Nov 2017 08:59:59 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"5a1d258f-48e4"
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
/
load.sumo.com
2 KB
2 KB
Script
General
Full URL
https://load.sumo.com/
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cf04::2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software
BunnyCDN-DE1-540 /
Resource Hash
b5ffce5cc19ac1e8f91222bddeedd7fef54e973a65579eb84ad5e5fb23e37eb8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:38 GMT
content-encoding
br
cdn-edgestorageid
540
x-amz-request-id
6564BF9527AE9DB6
status
200
cdn-cachedat
2019-11-12 17:40:27
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
x-amz-id-2
bBO4ag3n/cokDOFSstMpOUPCtT00Aqvb/pBrw+gFMO7FPXa+QVTE2Vaswh+2je89gFjTaBEO4j0=
access-control-allow-origin
*
last-modified
Tue, 12 Nov 2019 16:40:09 GMT
server
BunnyCDN-DE1-540
vary
Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=600
cdn-requestid
32f627c44339c0d5a461e6f91087095f
cdn-requestcountrycode
DE
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
903227543120584?v=2.9.11&r=stable
connect.facebook.net/signals/config
348 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/903227543120584?v=2.9.11&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
38bafbc629255090475a0ff2769aabac6e2864c99fbfc4208d4adbf954f8c452
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
UZb2v+Ux68d+Yd8J82weExwY3LDT6ord3UeS8D3kxeeIonm9YB7lwXxG2ykzYEdSUYRX39LTi8aV1DKwN1KBtQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Sat, 16 Nov 2019 14:50:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3
223 KB
59 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js
Requested by
Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 10:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1398077
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60529
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Oct 2020 10:29:21 GMT
js?id=GTM-5PDKTRJ&t=gtm2&cid=303054163.1573915838
www.google-analytics.com/gtm
59 KB
22 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5PDKTRJ&t=gtm2&cid=303054163.1573915838
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0024318f248b8f44b0ac665a5285a8277d4275129d03f5fa1da9ee980beec1b4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 14:50:38 GMT
content-encoding
br
last-modified
Sat, 16 Nov 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
22716
x-xss-protection
0
expires
Sat, 16 Nov 2019 14:50:38 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_v=j79&z=1321987430&slf_rd=1&random=1645506062
www.google.de/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=368491064&t=pageview&_s=1&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fpenetration-testing%2Fsmb-relay-attack&ul=en-us&de=UTF-8&dt=Server%20Mes...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_gid=469899587.1573915838&gjid=1881358303&_v=j79&z=1321987430
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_v=j79&z=1321987430
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_v=j79&z=1321987430&slf_rd=1&random=1645506062
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=303054163.1573915838&jid=1630730735&_v=j79&z=1321987430&slf_rd=1&random=1645506062
Requested by
Host: cqureacademy.com
URL: https://cqureacademy.com/blog/penetration-testing/smb-relay-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM