blog.zecops.com Open in urlscan Pro
2606:4700:3037::ac43:bb2e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground...
Submission: On June 17 via api (June 17th 2020, 9:58:31 am UTC) from US

Summary HTTP 111 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 111 HTTP transactions. The main IP is 2606:4700:3037::ac43:bb2e, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.zecops.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 21st 2019. Valid for: 10 months.

This is the only time blog.zecops.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	2606:4700:303... 2606:4700:3037::ac43:bb2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:fa00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:b400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
33	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:3000:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	18.195.176.77 18.195.176.77	16509 (AMAZON-02) (AMAZON-02)
3	167.99.251.246 167.99.251.246	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a02:26f0:10c... 2a02:26f0:10c:39e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	3.223.112.50 3.223.112.50	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:218... 2600:9000:2182:a000:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	195.181.175.46 195.181.175.46	60068 (CDN77) (CDN77)
1	195.181.175.51 195.181.175.51	60068 (CDN77) (CDN77)
5	195.181.175.49 195.181.175.49	60068 (CDN77) (CDN77)
111	20

49 2606:4700:3037::ac43:bb2e (United States)

ASN13335 (CLOUDFLARENET, US)

blog.zecops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zecops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:fa00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:b400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:3000:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.176.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-176-77.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.99.251.246 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (Phoenix, United States) 1 redirects

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.112.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-112-50.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:a000:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.181.175.46 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-44.cdn77.com

cdn-content.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.51 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-50.cdn77.com

cdn-static.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 195.181.175.49 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-47.cdn77.com

editor-upload-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	zecops.com blog.zecops.com www.zecops.com	1 MB
33	gstatic.com fonts.gstatic.com	409 KB
11	optimonk.com front.optimonk.com cdn-content.optimonk.com cdn-static.optimonk.com editor-upload-cdn.optimonk.com	289 KB
7	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com	36 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googleapis.com fonts.googleapis.com	6 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com	811 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	w.org s.w.org	1 KB
1	licdn.com snap.licdn.com	2 KB
1	google.de www.google.de	106 B
1	google.com 1 redirects www.google.com	183 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	152 B
1	consensu.org c.sharethis.mgr.consensu.org
1	googletagmanager.com www.googletagmanager.com	33 KB
111	15

	Domain	Requested by
47	blog.zecops.com	blog.zecops.com front.optimonk.com
33	fonts.gstatic.com	blog.zecops.com
5	editor-upload-cdn.optimonk.com	blog.zecops.com
3	platform-cdn.sharethis.com	blog.zecops.com
3	front.optimonk.com	blog.zecops.com front.optimonk.com
3	fonts.googleapis.com	blog.zecops.com
2	cdn-content.optimonk.com	blog.zecops.com
2	px.ads.linkedin.com	1 redirects blog.zecops.com
2	cdn.mouseflow.com	1 redirects blog.zecops.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	www.zecops.com	blog.zecops.com
1	cdn-static.optimonk.com	blog.zecops.com
1	www.linkedin.com	1 redirects
1	count-server.sharethis.com	platform-api.sharethis.com
1	s.w.org	blog.zecops.com
1	snap.licdn.com	blog.zecops.com
1	l.sharethis.com	platform-api.sharethis.com
1	www.google.de	blog.zecops.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	blog.zecops.com
1	www.googletagmanager.com	blog.zecops.com
111	24

This site contains links to these domains. Also see Links.

Domain
landing.optimonk.com
www.zecops.com
zecops.com
portal.msrc.microsoft.com
twitter.com
github.com
ricercasecurity.blogspot.com
en.wikipedia.org
docs.microsoft.com
www.crashops.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
zecops.com CloudFlare Inc ECC CA-2	`2019-12-21` - `2020-10-09`	10 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.sharethis.com Go Daddy Secure Certificate Authority - G2	`2017-09-26` - `2020-09-29`	3 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2020-04-25` - `2021-04-26`	a year	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-09-14`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
1826902134.rsc.cdn77.org Let's Encrypt Authority X3	`2020-04-21` - `2020-07-20`	3 months	crt.sh
1316577893.rsc.cdn77.org Let's Encrypt Authority X3	`2020-06-08` - `2020-09-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Frame ID: 0B961C173710D1D0EFFFDC238F594F0D
Requests: 110 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: AE5411FA1EE7C4F42D5B3ED3F2D667A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

111
Requests

100 %
HTTPS

65 %
IPv6

15
Domains

24
Subdomains

20
IPs

5
Countries

2043 kB
Transfer

4115 kB
Size

3
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://landing.optimonk.com/powered-by-optimonk/?utm_source=link&utm_medium=optimonk_popup&utm_campaign=108824&domain=blog.zecops.com
Title: Made with ♥️ by OptiMonk

Search URL Search Domain Scan URL

URL: https://www.zecops.com/contact-us?subj=Meet+Zecops+at+BlackHat+2019+and+DEF+CON+27
Title: Meet Zecops at BlackHat 2019 & DEF CON 27 | Schedule a meeting

Search URL Search Domain Scan URL

URL: https://www.zecops.com/solutions/gluon.html
Title: Gluon

Search URL Search Domain Scan URL

URL: https://www.zecops.com/solutions/neutrino.html
Title: Neutrino

Search URL Search Domain Scan URL

URL: https://www.zecops.com/solutions/electron.html
Title: Electron

Search URL Search Domain Scan URL

URL: https://www.zecops.com/company/about-us.html
Title: About

Search URL Search Domain Scan URL

URL: https://www.zecops.com/company/news.html
Title: News

Search URL Search Domain Scan URL

URL: https://www.zecops.com/company/events.html
Title: Events

Search URL Search Domain Scan URL

URL: https://www.zecops.com/contact/contact-us.html
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.zecops.com/contact/find-a-reseller.html
Title: Find a Reseller

Search URL Search Domain Scan URL

URL: https://zecops.com/
Title: ZecOps.com

Search URL Search Domain Scan URL

URL: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv200005
Title: announced

Search URL Search Domain Scan URL

URL: https://twitter.com/chompie1337
Title: chompie1337

Search URL Search Domain Scan URL

URL: https://github.com/chompie1337/SMBGhost_RCE_PoC
Title: first public RCE POC

Search URL Search Domain Scan URL

URL: https://ricercasecurity.blogspot.com/2020/04/ill-ask-your-body-smbghost-pre-auth-rce.html
Title: the writeup

Search URL Search Domain Scan URL

URL: https://twitter.com/RicercaSec
Title: Ricerca Security

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Heartbleed
Title: Heartbleed

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/c9efe8ca-ff34-44d0-bfbe-58a9b9db50d4
Title: Connecting to a Share by Using an SMB2 Negotiate – MSDN

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares
Title: anonymous access to named pipes or shares is not restricted

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/b34032e5-3aae-4bc6-84c3-c6d80eadf7f2
Title: NTLM Negotiate message

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/033d32cc-88f9-4483-9bf2-b273055038ce
Title: NTLM Authenticate message

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/d43e2224-6fc3-449d-9f37-b90b55a29c80
Title: NTLM2 V2 Response

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/aee311d6-21a7-4470-92a5-c4ecb022a87b
Title: NTLMv2_CLIENT_CHALLENGE

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/83f5e789-660d-4781-8491-5f8c6641f75e
Title: AV_PAIR

Search URL Search Domain Scan URL

URL: https://github.com/ZecOps/CVE-2020-0796-RCE-POC/blob/793b9360347b40341c5128bf9723edbd7c492b24/leak_pool_address.py
Title: here

Search URL Search Domain Scan URL

URL: https://github.com/MITRECND/chopshop/blob/master/ext_libs/lznt1.py
Title: about 80 Python lines for a decompression function

Search URL Search Domain Scan URL

URL: https://zecops.com/solutions/neutrino.html
Title: Endpoints & Servers

Search URL Search Domain Scan URL

URL: https://zecops.com/solutions/gluon.html
Title: Mobile devices

Search URL Search Domain Scan URL

URL: https://www.crashops.com/
Title: applications

Search URL Search Domain Scan URL

URL: https://www.zecops.com/reverse-bounty
Title: Join Reverse Bounty™ >

Search URL Search Domain Scan URL

URL: https://www.zecops.com/contact-us
Title: Contact Us >

Search URL Search Domain Scan URL

URL: https://www.facebook.com/zecopsinc/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/zecops
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zecops/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://zecops.com/solutions/neutrino.html?utm_source=blog&utm_medium=referral&utm_campaign=detect-with-neutrino-strip
Title: Detect Attacks (like SMBleed) with ZecOps Neutrino

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1095532637&t=pageview&_s=1&dl=https%3A%2F%2Fblog.zecops.com%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce%2F&ul=en-us&de=UTF-8&dt=SMBleedingGhost%20Writeup%20Part%20II%3A%20Unauthenticated%20Memory%20Read%20-%20Preparing%20the%20Ground%20for%20an%20RCE%20-%20ZecOps%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1344005012&gjid=1457089678&cid=988284641.1592387890&tid=UA-104258807-9&_gid=1433722843.1592387890&_r=1&gtm=2ou640&z=1631006769 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104258807-9&cid=988284641.1592387890&jid=1344005012&_gid=1433722843.1592387890&gjid=1457089678&_v=j83&z=1631006769 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104258807-9&cid=988284641.1592387890&jid=1344005012&_v=j83&z=1631006769 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104258807-9&cid=988284641.1592387890&jid=1344005012&_v=j83&z=1631006769&slf_rd=1&random=2841112854

Request Chain 64

https://cdn.mouseflow.com/projects/ebc65754-14d0-4b0e-bab5-fe23b2d089f0.js HTTP 301
https://cdn.mouseflow.com/projects/ebc65754-14d0-4b0e-bab5-fe23b2d089f0_eu.js

Request Chain 72

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2060060&url=https%3A%2F%2Fblog.zecops.com%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce%2F&time=1592387892125 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2060060%26url%3Dhttps%253A%252F%252Fblog.zecops.com%252Fvulnerabilities%252Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce%252F%26time%3D1592387892125%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2060060&url=https%3A%2F%2Fblog.zecops.com%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce%2F&time=1592387892125&liSync=true

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/ 93 KB
21 KB 1104ms
1070ms Document
text/html 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b471816b2cfa34979c6ccf0cbc1ac1cc62d87678ea36743f6b291fa0227645

Request headers

:method: GET
:authority: blog.zecops.com
:scheme: https
:path: /vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 17 Jun 2020 09:58:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d662b051f5e5bc03d7453e70f230beda61592387887; expires=Fri, 17-Jul-20 09:58:07 GMT; path=/; domain=.zecops.com; HttpOnly; SameSite=Lax; Secure
x-pingback: https://blog.zecops.com/xmlrpc.php
link: <https://blog.zecops.com/wp-json/>; rel="https://api.w.org/", <https://blog.zecops.com/?p=1183>; rel=shortlink
cache-control: max-age=2592000
expires: Fri, 17 Jul 2020 09:58:08 GMT
cf-cache-status: DYNAMIC
cf-request-id: 03634ffaeb00009c573e3fa200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4be90b1fe59c57-AMS
content-encoding: br

GET
H2 200 style.min.css
blog.zecops.com/wp-content/themes/astra/assets/css/minified/ 94 KB
14 KB 39ms
34ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=1.6.4
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61dc93914b1acdeb58d7dd7a3ddfe0a7ef5c1adce030697f4a754683076a63a1

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 186859
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f99c9c57-AMS
cf-request-id: 036350039800009c573e067200000001
expires: Sat, 12 Dec 2020 06:03:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
760 B 20ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C%7COswald%3A500%2C&ver=1.6.4

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdf0ff4d784f7cc33bdfe014b90c2be1b79799ba7b4c0c8caf962cac96e03007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 09:58:10 GMT
server: ESF
date: Wed, 17 Jun 2020 09:58:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jun 2020 09:58:10 GMT

GET
H2 200 menu-animation.min.css
blog.zecops.com/wp-content/themes/astra/assets/css/minified/ 4 KB
442 B 38ms
34ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=1.6.4
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a270b8516b01e9d59ed94b7fc69503eb08a475e81fc87f582c690851dee3cd

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 186859
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f99f9c57-AMS
cf-request-id: 036350039800009c573e068200000001
expires: Sat, 12 Dec 2020 06:03:51 GMT

GET
H2 200 style.min.css
blog.zecops.com/wp-includes/css/dist/block-library/ 52 KB
7 KB 26ms
22ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.1
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 863423
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f9a09c57-AMS
cf-request-id: 036350039900009c573e069200000001
expires: Fri, 04 Dec 2020 10:07:47 GMT

GET
H2 200 elementor-icons.min.css
blog.zecops.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 16 KB
3 KB 24ms
20ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.7.0
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e02d57c21d12f6a6a15787a18bfea58bc95887c2a21b23c4381b070c17472a

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 686727
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f9a19c57-AMS
cf-request-id: 036350039900009c573e06a200000001
expires: Sun, 06 Dec 2020 11:12:43 GMT

GET
H2 200 animations.min.css
blog.zecops.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
2 KB 28ms
24ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.11
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 686727
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f9a29c57-AMS
cf-request-id: 036350039900009c573e06b200000001
expires: Sun, 06 Dec 2020 11:12:43 GMT

GET
H2 200 frontend.min.css
blog.zecops.com/wp-content/plugins/elementor/assets/css/ 106 KB
14 KB 37ms
33ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.11
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c91018a6dd3f65e8cf561ef0b42aa05a89465e9ed70b2cc78e5c064b6ea11d7

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 686727
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f9a39c57-AMS
cf-request-id: 036350039900009c573e06c200000001
expires: Sun, 06 Dec 2020 11:12:43 GMT

GET
H2 200 frontend.min.css
blog.zecops.com/wp-content/plugins/elementor-pro/assets/css/ 201 KB
20 KB 26ms
23ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.9.5
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f29b92db1da38b76eb101f850d96b0a5b30d0ef692270512636bda16ad39330e

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 686419
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f9a49c57-AMS
cf-request-id: 036350039900009c573e06d200000001
expires: Sun, 06 Dec 2020 11:17:51 GMT

GET
H2 200 font-awesome.min.css
blog.zecops.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 30 KB
7 KB 35ms
32ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 834861
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f9a59c57-AMS
cf-request-id: 036350039900009c573e06e200000001
expires: Fri, 04 Dec 2020 18:03:49 GMT

GET
H2 200 global.css
blog.zecops.com/wp-content/uploads/elementor/css/ 18 KB
2 KB 24ms
21ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/uploads/elementor/css/global.css?ver=1591699670
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f4253e2bd8e31a6a8d3724f1677b0c1a8c09f5fa1319b047d5b3540d16045fc

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 686727
cf-polished: origSize=18995
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f9a69c57-AMS
cf-request-id: 036350039900009c573e06f200000001
expires: Sun, 06 Dec 2020 11:12:43 GMT

GET
H2 200 post-36.css
blog.zecops.com/wp-content/uploads/elementor/css/ 8 KB
1 KB 25ms
22ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/uploads/elementor/css/post-36.css?ver=1591699670
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b42a31843df2ba82c10c040287815bd8ca753f2b98ae6bd378ad1eb42137e0e5

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 686419
cf-polished: origSize=8837
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f9a79c57-AMS
cf-request-id: 036350039900009c573e070200000001
expires: Sun, 06 Dec 2020 11:17:51 GMT

GET
H2 200 post-66.css
blog.zecops.com/wp-content/uploads/elementor/css/ 3 KB
638 B 35ms
33ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/uploads/elementor/css/post-66.css?ver=1591699671
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a0ff25b7c074890ae406ee9811f70922c44b9ed9da5e68f4138db8b02f56d32

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 686419
cf-polished: origSize=2891
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f9a99c57-AMS
cf-request-id: 036350039900009c573e071200000001
expires: Sun, 06 Dec 2020 11:17:51 GMT

GET
H2 200 post-73.css
blog.zecops.com/wp-content/uploads/elementor/css/ 9 KB
1 KB 33ms
31ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/uploads/elementor/css/post-73.css?ver=1591699694
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d78fecdfd3598599ac9b376ef655c63333afc9930b93dcfc99c12fab5294b6

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 685710
cf-polished: origSize=10453
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be918f9aa9c57-AMS
cf-request-id: 036350039900009c573e072200000001
expires: Sun, 06 Dec 2020 11:29:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 83 KB
3 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22b58a4db86c1b3f60e95c940854307c2eb2ef74e4a3898b46f9f5adf6d34cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 09:58:10 GMT
server: ESF
date: Wed, 17 Jun 2020 09:58:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jun 2020 09:58:10 GMT

GET
H2 200 wp-emoji-release.min.js Show response
blog.zecops.com/wp-includes/js/ 14 KB
4 KB 392ms
392ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.1
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91939db9c57-AMS
cf-request-id: 03635003c300009c573e074200000001
expires: Fri, 17 Jul 2020 09:58:10 GMT

GET
H2 200 608.css
blog.zecops.com/wp-content/uploads/custom-css-js/ 1 KB
454 B 16ms
15ms Stylesheet
text/css 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/uploads/custom-css-js/608.css?v=9031
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5504fb4cfc85c849c966674e05316834df44e820d4ffb54253d15211e758511

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 99734
cf-polished: origSize=1460
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be9197a039c57-AMS
cf-request-id: 03635003ea00009c573e076200000001
expires: Sun, 13 Dec 2020 06:15:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104258807-9

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6dbe14add75213dda8d3878ac932bc4edee8b800a5b1442e9cb3bb9a7342aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33240
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jun 2020 09:58:10 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 96 KB
30 KB 44ms
13ms Script
text/javascript 2600:9000:2182:fa00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:fa00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: aecbe5a6f9da11593df75bb5d078c12e712bdb9387472faecbfd46191ffab054

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:57:42 GMT
content-encoding: gzip
age: 27
etag: W/"18076-fNFKa/tcaWxdnZRmxTa6qj+ppWA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: uZTdG-363IPnVcQktJJ2rCovfSnET07_BjntbRHpWGvCEvwY--mFtg==
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)

GET
H2 200 notif-arrow.svg
www.zecops.com/images/ 1017 B
641 B 35ms
19ms Image
image/svg+xml 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zecops.com/images/notif-arrow.svg
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aaa6eec27a87a5db38bc737452200178c34c4356fc6b8031fddc07e96c4c901

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Apr 2020 14:09:09 GMT
server: cloudflare
age: 25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=7200
cf-ray: 5a4be91a3a739c57-AMS
cf-request-id: 036350046400009c573e07b200000001

GET
H2 200 zecops-blog-logo.svg
blog.zecops.com/wp-content/uploads/2020/04/ 13 KB
5 KB 20ms
19ms Image
image/svg+xml 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/04/zecops-blog-logo.svg
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edafd4a386b7df2b635342ec8173c93d1d4f1b3b2a0374fc16bc00ebb5a96546

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1145854
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2628000
cf-ray: 5a4be91a2a649c57-AMS
cf-request-id: 036350045800009c573e078200000001
expires: Tue, 01 Dec 2020 03:40:36 GMT

GET
H2 200 5e08fc03de9d4c0012d1058c.js Show response
buttons-config.sharethis.com/js/ 2 KB
3 KB 377ms
356ms Script
text/javascript 2600:9000:2182:b400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5e08fc03de9d4c0012d1058c.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:b400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5805bce3534a5504a2daa5b5324ff14498df7f2e863ecd566458cc4f1df8d5d5

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 17 Jun 2020 09:58:11 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jun 2020 23:48:59 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "10444bf81b701518efbe45729afa826d"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 2206
x-amz-cf-id: Qpagrl5ybF1ILPnrzlX5I8JD5G3CUuUIZpjGt5IGTGkLtJa3myj2Nw==

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 03:24:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 714812
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:24:38 GMT

GET
H2 200 HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevWnsUnxg.woff2
fonts.gstatic.com/s/sourcecodepro/v11/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcecodepro/v11/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevWnsUnxg.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad58bb5360bb0ac3964d9af1781d36e4e91e91be40e506bf6a174be865b7e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Fri, 12 Jun 2020 06:06:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 20:44:57 GMT
server: sffe
age: 445916
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11444
x-xss-protection: 0
expires: Sat, 12 Jun 2021 06:06:14 GMT

GET
H2 200 fontawesome-webfont.woff2
blog.zecops.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 75 KB
76 KB 17ms
16ms Font
font/woff2 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Origin: https://blog.zecops.com

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
server: cloudflare
age: 1981720
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a4be91a2a659c57-AMS
content-length: 77160
cf-request-id: 036350045900009c573e079200000001
expires: Wed, 24 Jun 2020 11:29:30 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C%7COswald%3A500%2C&ver=1.6.4
Origin: https://blog.zecops.com

Response headers

date: Thu, 11 Jun 2020 02:33:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 545108
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Fri, 11 Jun 2021 02:33:02 GMT

GET
H2 200 N0bX2SlFPv1weGeLZDtgJv7Ss9XZYQ.woff2
fonts.gstatic.com/s/firamono/v8/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firamono/v8/N0bX2SlFPv1weGeLZDtgJv7Ss9XZYQ.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3fcb25354cf1e6fe068a6a83a9819574421125e1f475d0a4eac07aa912b4dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 22:03:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:48:06 GMT
server: sffe
age: 647704
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 22:03:06 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame AE54 0
0 49ms
10ms Document
text/html 2600:9000:2182:3000:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:3000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: max-age=600, public
edge-control: cache-maxage=60m,downstream-ttl=60m
accept-ranges: bytes
last-modified: Mon, 08 Jun 2020 17:01:40 GMT
etag: W/"39db-17294e16920"
content-encoding: gzip
date: Mon, 15 Jun 2020 22:16:53 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 0HiddeECbgbAh7808IMI4x-ymk2EAdVmw1gavpYNVLCnvDDsYHpOHg==
age: 128477

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104258807-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 4712
date: Wed, 17 Jun 2020 08:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 17 Jun 2020 10:39:38 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1095532637&t=pageview&_s=1&dl=https%3A%2F%2Fblog.zecops.com%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-p...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104258807-9&cid=988284641.1592387890&jid=1344005012&_gid=1433722843.1592387890&gjid=1457089678&_v=j83&z=1631006769
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104258807-9&cid=988284641.1592387890&jid=1344005012&_v=j83&z=1631006769
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104258807-9&cid=988284641.1592387890&jid=1344005012&_v=j83&z=1631006769&slf_rd=1&random=2841112854

42 B
106 B

17ms
16ms

Image
image/gif

2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104258807-9&cid=988284641.1592387890&jid=1344005012&_v=j83&z=1631006769&slf_rd=1&random=2841112854

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 09:58:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Jun 2020 09:58:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104258807-9&cid=988284641.1592387890&jid=1344005012&_v=j83&z=1631006769&slf_rd=1&random=2841112854
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
337 B 89ms
22ms XHR
text/plain 18.195.176.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=blog.zecops.com&location=%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce%2F&product=custom-share-buttons&url=https%3A%2F%2Fblog.zecops.com%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce%2F&source=sharethis.js&fcmp=false&has_segmentio=false&title=SMBleedingGhost%20Writeup%20Part%20II%3A%20Unauthenticated%20Memory%20Read%20-%20Preparing%20the%20Ground%20for%20an%20RCE%20-%20ZecOps%20Blog&cms=unknown&publisher=5e08fc03de9d4c0012d1058c&sop=true&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&version=st_sop.js&lang=en
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.176.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-176-77.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 09:58:10 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://blog.zecops.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 profile@2x.png
blog.zecops.com/wp-content/uploads/2019/01/ 29 KB
29 KB 17ms
16ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2019/01/profile@2x.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c7c72d36f65a8575b4136f3f5ef30b8fa11f0430bc07e7370cccca0b1cae390

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
server: cloudflare
age: 1965574
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be91cdc9d9c57-AMS
content-length: 29197
cf-request-id: 036350060500009c573e08c200000001
expires: Sat, 21 Nov 2020 15:58:36 GMT

GET
H2 200 SMBleed-protocol.png
blog.zecops.com/wp-content/uploads/2020/06/ 69 KB
70 KB 18ms
18ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/SMBleed-protocol.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4912571636faec089efde2f425788bef6e3b2f9d847e98fbccd494caae338e03

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
server: cloudflare
age: 48620
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be91cdc9e9c57-AMS
content-length: 71151
cf-request-id: 036350060600009c573e08d200000001
expires: Sun, 13 Dec 2020 20:27:50 GMT

GET
H2 200 art-3@2x.jpg
blog.zecops.com/wp-content/uploads/2020/06/ 340 KB
340 KB 21ms
21ms Image
image/jpeg 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/art-3@2x.jpg
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce02494f62ec59d24a6269c9a2d3095dc2575e1da0f3409c3ee8080c496efe72

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
server: cloudflare
age: 100097
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be91cdca09c57-AMS
content-length: 347958
cf-request-id: 036350060600009c573e08e200000001
expires: Sun, 13 Dec 2020 06:09:53 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v31/ 25 KB
25 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v31/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 00:20:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 00:19:42 GMT
server: sffe
age: 725837
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25376
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:20:53 GMT

GET
H2 200 SMBleed-AvPairs-SMB2-packet.png
blog.zecops.com/wp-content/uploads/2020/06/ 18 KB
18 KB 29ms
23ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/SMBleed-AvPairs-SMB2-packet.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67feadb2cf584943bbd1849013c8e1a01177c2b22005d1da4ad1f51c1c683185

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
server: cloudflare
age: 99856
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be91d7cf49c57-AMS
content-length: 18564
cf-request-id: 036350066600009c573e092200000001
expires: Sun, 13 Dec 2020 06:13:54 GMT

GET
H2 200 SMBleed-packet-2.png
blog.zecops.com/wp-content/uploads/2020/06/ 17 KB
18 KB 22ms
16ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/SMBleed-packet-2.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ff2aebb3d345f27358834b62ba1acef158074a183fa01cc1147f8c47b9ccfce

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
server: cloudflare
age: 99834
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be91d7cf69c57-AMS
content-length: 17849
cf-request-id: 036350066700009c573e093200000001
expires: Sun, 13 Dec 2020 06:14:16 GMT

GET
H2 200 SMBleed-table.png
blog.zecops.com/wp-content/uploads/2020/06/ 54 KB
55 KB 27ms
22ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/SMBleed-table.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e02efec98d48494053b65a31e7b8497a40495b99cbd6b84266804defe1470509

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
server: cloudflare
age: 99827
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be91d7cf79c57-AMS
content-length: 55634
cf-request-id: 036350066700009c573e094200000001
expires: Sun, 13 Dec 2020 06:14:23 GMT

GET
H2 200 SMBleed-compressed-packet-1.png
blog.zecops.com/wp-content/uploads/2020/06/ 26 KB
26 KB 23ms
18ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/SMBleed-compressed-packet-1.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 588eeb6394c42d2d83fd723d3db81b266d115ef046be36bd39fa9f46b765e2a7

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
server: cloudflare
age: 99826
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be91d7cf89c57-AMS
content-length: 26984
cf-request-id: 036350066700009c573e095200000001
expires: Sun, 13 Dec 2020 06:14:24 GMT

GET
H2 200 SMBleed-compressed-packet-2.png
blog.zecops.com/wp-content/uploads/2020/06/ 25 KB
26 KB 26ms
21ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/SMBleed-compressed-packet-2.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65c019e47166a534b5f1e162aa526bacad683bfa2e90e8efe3a1592021472f48

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
server: cloudflare
age: 99825
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be91d7cf99c57-AMS
content-length: 26104
cf-request-id: 036350066700009c573e096200000001
expires: Sun, 13 Dec 2020 06:14:25 GMT

GET
H2 200 SMBleed-packet-3.png
blog.zecops.com/wp-content/uploads/2020/06/ 17 KB
18 KB 21ms
17ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/SMBleed-packet-3.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f009819b4f72be371abc18ec79e99a31f5431fa832b05b9702813ea488c23f1f

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
server: cloudflare
age: 99823
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be91d7cfa9c57-AMS
content-length: 17835
cf-request-id: 036350066700009c573e097200000001
expires: Sun, 13 Dec 2020 06:14:27 GMT

GET
H2 200 SMBleed-compressed-packet-3.png
blog.zecops.com/wp-content/uploads/2020/06/ 27 KB
27 KB 16ms
16ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/SMBleed-compressed-packet-3.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa96b89659f8faabd7965ec036250e4f3a540a64aa8052c964f49854d1296628

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 99822
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be921effe9c57-AMS
content-length: 27891
cf-request-id: 036350093100009c573e0c1200000001
expires: Sun, 13 Dec 2020 06:14:29 GMT

GET
H2 200 SMBleed-decompression.png
blog.zecops.com/wp-content/uploads/2020/06/ 9 KB
9 KB 17ms
17ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/SMBleed-decompression.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b41f34a9aa8cb7df0efec50389b7a21656bce670e9606f79e81fd85d6965e57

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 99720
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be92208079c57-AMS
content-length: 8985
cf-request-id: 036350094200009c573e0c2200000001
expires: Sun, 13 Dec 2020 06:16:11 GMT

GET
H2 200 SMBleed-compressed-packet-4.png
blog.zecops.com/wp-content/uploads/2020/06/ 40 KB
40 KB 18ms
18ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2020/06/SMBleed-compressed-packet-4.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbb1f43277c639d1f5f1553cb604eda96b0fb18b6cdddd7013389163d078141c

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 99720
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be92228179c57-AMS
content-length: 40881
cf-request-id: 036350095600009c573e0c3200000001
expires: Sun, 13 Dec 2020 06:16:11 GMT

GET
H2 200 reverse-bounty.png
www.zecops.com/images/ 144 KB
144 KB 22ms
18ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zecops.com/images/reverse-bounty.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1633fa127f33d6a7db4b45e31e2f3258434fd37a1d391522905888931a5be93c

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:10 GMT
cf-cache-status: HIT
last-modified: Mon, 20 Apr 2020 14:09:43 GMT
server: cloudflare
age: 4492
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 5a4be91d7cfb9c57-AMS
content-length: 147190
cf-request-id: 036350066700009c573e098200000001

GET
H2 200 logo-white@2x.png
blog.zecops.com/wp-content/uploads/2019/01/ 10 KB
10 KB 16ms
15ms Image
image/png 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.zecops.com/wp-content/uploads/2019/01/logo-white@2x.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf0a15779d8618e6ee8d7147ea5630ec89254e5b3b58442dc856a62a5bbfbd9

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 195625
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 5a4be92238229c57-AMS
content-length: 10545
cf-request-id: 036350096700009c573e0c4200000001
expires: Sat, 12 Dec 2020 03:37:46 GMT

GET
H2 200 style.min.js Show response
blog.zecops.com/wp-content/themes/astra/assets/js/minified/ 9 KB
3 KB 270ms
270ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=1.6.4
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3609c9c0421133a949705dbdf62b7cc489278e96eb6389bcbd6b347cd119b1

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91d7cfc9c57-AMS
cf-request-id: 036350066800009c573e099200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 comment-reply.min.js Show response
blog.zecops.com/wp-includes/js/ 2 KB
1 KB 299ms
295ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-includes/js/comment-reply.min.js?ver=5.4.1
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91d9d209c57-AMS
cf-request-id: 036350067c00009c573e09b200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 wp-embed.min.js Show response
blog.zecops.com/wp-includes/js/ 1 KB
749 B 269ms
265ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-includes/js/wp-embed.min.js?ver=5.4.1
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91d9d239c57-AMS
cf-request-id: 036350067e00009c573e09c200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 jquery.js Show response
blog.zecops.com/wp-includes/js/jquery/ 95 KB
32 KB 510ms
508ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91d9d249c57-AMS
cf-request-id: 036350067f00009c573e09d200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 jquery-migrate.min.js Show response
blog.zecops.com/wp-includes/js/jquery/ 10 KB
4 KB 271ms
270ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91d9d269c57-AMS
cf-request-id: 036350067f00009c573e09e200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 jquery.smartmenus.min.js Show response
blog.zecops.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
7 KB 390ms
389ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91d9d279c57-AMS
cf-request-id: 036350067f00009c573e09f200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 frontend-modules.min.js Show response
blog.zecops.com/wp-content/plugins/elementor/assets/js/ 59 KB
16 KB 428ms
428ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.9.11
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13d2486793a00c548b8d18157a4ff7bb360d145ed093a1c3d6f729a9fbbeaf0

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91f2e4f9c57-AMS
cf-request-id: 036350077700009c573e0ab200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 HI_XiYsKILxRpg3hIP6sJ7fM7PqtlsnDs-cq7Gq0DA.woff2
fonts.gstatic.com/s/sourcecodepro/v11/ 11 KB
11 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcecodepro/v11/HI_XiYsKILxRpg3hIP6sJ7fM7PqtlsnDs-cq7Gq0DA.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4999f4d77d560c9fe7661a50ee67ceceded60874b3d461dfc43c6fe3a02125f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Thu, 11 Jun 2020 02:24:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 20:44:55 GMT
server: sffe
age: 545601
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11548
x-xss-protection: 0
expires: Fri, 11 Jun 2021 02:24:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Sat, 13 Jun 2020 02:28:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 372551
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13640
x-xss-protection: 0
expires: Sun, 13 Jun 2021 02:28:59 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 03:19:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:53 GMT
server: sffe
age: 715149
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14024
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:19:01 GMT

GET
H2 200 jquery.sticky.min.js Show response
blog.zecops.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 6 KB
2 KB 274ms
274ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.9.5
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91f4e669c57-AMS
cf-request-id: 036350078a00009c573e0ad200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 frontend.min.js Show response
blog.zecops.com/wp-content/plugins/elementor-pro/assets/js/ 99 KB
21 KB 507ms
507ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.9.5
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 035dbb332037081e3284c7d52e699439ffadf14a691bf17a65d93ca1a68eb64a

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91f4e759c57-AMS
cf-request-id: 036350078e00009c573e0ae200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 position.min.js Show response
blog.zecops.com/wp-includes/js/jquery/ui/ 6 KB
2 KB 299ms
299ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be91f6e9d9c57-AMS
cf-request-id: 03635007a500009c573e0af200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 dialog.min.js Show response
blog.zecops.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
3 KB 299ms
298ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.6
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb567d9bafc7064a86cd894d15a4a43073fe20789bafc64a47ac5efcf7a78285

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be9200f059c57-AMS
cf-request-id: 036350080600009c573e0b4200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 waypoints.min.js Show response
blog.zecops.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 295ms
294ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be920cf6b9c57-AMS
cf-request-id: 036350087e00009c573e0b6200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 swiper.min.js Show response
blog.zecops.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
33 KB 510ms
509ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be920ff809c57-AMS
cf-request-id: 036350089c00009c573e0b8200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 share-link.min.js Show response
blog.zecops.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 269ms
268ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=2.9.11
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20d67dc1d22cadd6326639e1510929bd3bfdefe7a3a4bd2d78160514b3aa6f50

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be9214fa79c57-AMS
cf-request-id: 03635008d100009c573e0bc200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 frontend.min.js Show response
blog.zecops.com/wp-content/plugins/elementor/assets/js/ 115 KB
29 KB 514ms
513ms Script
application/javascript 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.9.11
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8d26e64943901b4267d4be0e80ea5edfee8e7c2b7c4802ba112ffbf7ff48a84

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:11 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2628000, private
cf-ray: 5a4be921dfec9c57-AMS
cf-request-id: 036350092400009c573e0c0200000001
expires: Fri, 17 Jul 2020 09:58:11 GMT

GET
H2 200 preload.js Show response
front.optimonk.com/public/108824/js/ 37 KB
9 KB 97ms
43ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/108824/js/preload.js

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

61d09839f8532e5638a2950a06890d8ec95520efd82912695f31975443744613

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
status: 200
etag: W/"9541-lxnr71YNJiz7taHPNqZPIEzwrlQ"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2

200

ebc65754-14d0-4b0e-bab5-fe23b2d089f0_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/ebc65754-14d0-4b0e-bab5-fe23b2d089f0.js
https://cdn.mouseflow.com/projects/ebc65754-14d0-4b0e-bab5-fe23b2d089f0_eu.js

764 B
659 B

14ms
13ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/ebc65754-14d0-4b0e-bab5-fe23b2d089f0_eu.js
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 23:25:01 GMT
server: NetDNA-cache/2.2
etag: W/"e5e575b3544d61:0"
status: 200
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

status: 301
date: Wed, 17 Jun 2020 09:58:12 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
location: https://cdn.mouseflow.com/projects/ebc65754-14d0-4b0e-bab5-fe23b2d089f0_eu.js
content-type: text/html

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 33ms
10ms Script
application/x-javascript 2a02:26f0:10c:39e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 09:58:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=46228
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 1f4dd.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 2 KB
1 KB 42ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/1f4dd.svg

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2da171deb90da583dc32b200cffee0535c00362dfe45fb3bc8df7e8f58e982e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Wed, 17 Jun 2020 09:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 15:22:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 347 B
593 B 434ms
115ms Script
text/javascript 3.223.112.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb2&url=https%3A%2F%2Fblog.zecops.com%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce%2F
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.112.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-112-50.compute-1.amazonaws.com
Software: / Express
Resource Hash: 8b2f62551474b1c82796d3b834d9a56896997fcd56cc08ce1a8b2690f7adc028

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 09:58:12 GMT
Cache-Control: public, max-age=900
ETag: 54f1f562d2aab3148e84f49be2e0d7d5
Connection: keep-alive
X-Powered-By: Express
Content-Length: 347
Content-Type: text/javascript; charset=utf-8

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
678 B 32ms
9ms Image
image/svg+xml 2600:9000:2182:a000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:a000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 02 Jun 2020 01:23:17 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1326895
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: p_1NOqIqM1OnFu0tleFw7csWUDOxeg9pIqYN55p7iDbB8t2WptL-xA==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 32ms
10ms Image
image/svg+xml 2600:9000:2182:a000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:a000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 06 Jun 2020 00:27:17 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 984656
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: leVRCQRWCyrViFiL7-5dALGAA3M_berjFwKQrVIzZsQUpss3xjP4hA==

GET
H2 200 linkedin.svg
platform-cdn.sharethis.com/img/ 456 B
834 B 32ms
10ms Image
image/svg+xml 2600:9000:2182:a000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/linkedin.svg
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:a000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 06 Jun 2020 00:51:41 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 983192
etag: "fa43b4ede18498b114fc7185993f6da7"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 456
x-amz-cf-id: vw4McAzEU2P__7Pzor5xp0iwjoxVlY1_8qKQRSMjq_dtshi3usoWzg==

GET
H2 200 eicons.woff2
blog.zecops.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 79 KB
80 KB 18ms
18ms Font
font/woff2 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.7.0
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d9d46f411b69048e67189844d87d4a4ed54b73298efb16c1109fdd5f8cd257

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://blog.zecops.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.7.0
Origin: https://blog.zecops.com

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
cf-cache-status: HIT
server: cloudflare
age: 652583
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5a4be9258a849c57-AMS
content-length: 81224
cf-request-id: 0363500b7300009c573e0ff200000001
expires: Thu, 09 Jul 2020 20:41:49 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2060060&url=https%3A%2F%2Fblog.zecops.com%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2060060%26url%3Dhttps%253A%252F%252Fblog.zecops.com%252Fvulnerabilities%252Fsmble...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2060060&url=https%3A%2F%2Fblog.zecops.com%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for...

0
57 B

111ms
111ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2060060&url=https%3A%2F%2Fblog.zecops.com%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce%2F&time=1592387892125&liSync=true
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: WpUq71lMGRbQl0dQsioAAA==

Redirect headers

strict-transport-security: max-age=2592000
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: JfMI61lMGRYAIOXRWysAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 15FF46A61E9B4708ABE62BAEFA3C43DE Ref B: FRAEDGE1509 Ref C: 2020-06-17T09:58:12Z
date: Wed, 17 Jun 2020 09:58:11 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2060060&url=https%3A%2F%2Fblog.zecops.com%2Fvulnerabilities%2Fsmbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce%2F&time=1592387892125&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 load Show response
front.optimonk.com/public/108824/js/ 580 KB
172 KB 127ms
62ms XHR
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/108824/js/load

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/108824/js/preload.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

be1b02528fc6c1dd8eede8d42123784a4b058e5d49cfe1228fd51694eaca8de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
status: 200
etag: W/"91189-QM6gMlSy4Nes53kIj5HvYvd81mY"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 content.html Show response
cdn-content.optimonk.com/public/108824/5eb850fead66470019b1b8bd/ 50 KB
5 KB 116ms
22ms XHR
text/html 195.181.175.46
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-content.optimonk.com/public/108824/5eb850fead66470019b1b8bd/content.html?v=1589144137
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-44.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 43cfc30ed579cb87ef7747cef5ea1b416e64b3622147d1fc0e432b2c65ec4b20

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 8B18E9A5B23522D7
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 97814
x-amz-id-2: nOlgoRaYQTdnssJ4rBdCOMoxLjtjMPq8kwcpAbqLQ1AV3WW+UpvhSV5qnkPIG4b26QuEvQ3hgpM=
last-modified: Sun, 10 May 2020 20:55:38 GMT
server: CDN77-Turbo
etag: W/"cc34bf2e020aaf0dbeb8f3036f1beb85"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-edge-ip: 195.181.175.44

GET
H2 200 content.html Show response
cdn-content.optimonk.com/public/108824/5ea2faf4429c7600126513a1/ 50 KB
5 KB 119ms
25ms XHR
text/html 195.181.175.46
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-content.optimonk.com/public/108824/5ea2faf4429c7600126513a1/content.html?v=1589144181
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-44.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 0af588501b16a3e379e218a61780849765d8acb81ca549e70d9df59b7a7c0dfe

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 996701B7B9A63E6A
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 97814
x-amz-id-2: IFefE4toi5balYBvkYAnXkPrriN9sNhvf+tWOIqhO3T3k2u6oYkEBgwS/uutp/pO8esI5aGse20=
last-modified: Sun, 10 May 2020 20:56:22 GMT
server: CDN77-Turbo
etag: W/"273b95e3461a42dae5b30dfb831264ea"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-edge-ip: 195.181.175.44

GET
H2 200 optimonk.min.css
cdn-static.optimonk.com/bundles/wseoptimonk/css/ 15 KB
2 KB 113ms
20ms Stylesheet
text/css 195.181.175.51
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-static.optimonk.com/bundles/wseoptimonk/css/optimonk.min.css?v=213
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.51 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-50.cdn77.com
Software: CDN77-Turbo /
Resource Hash: fe69f27e8d524113d66ad6a9f76747a7ccc18c4d599262590d0a85fb76469eb5

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 09:56:17 GMT
server: CDN77-Turbo
x-edge-location: frankfurtDE
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31536000, public
x-edge-ip: 195.181.175.50
x-age: 11658969
expires: Tue, 02 Feb 2021 11:22:03 GMT

GET
H2 200 om.base.css
front.optimonk.com/assets/css/ 263 KB
24 KB 49ms
48ms Stylesheet
text/css 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/assets/css/om.base.css?v=07cda41674859d6a45e9

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b4d827717bd14ad21b65f3b155f304318b4a354f7fe877633e10a69dad1377f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
status: 200
etag: W/"41a90-SXvB7E90KVZVSp2ay9YZWTlY2oc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

POST
H2 200 index.php Show response
blog.zecops.com/ 665 B
364 B 918ms
918ms XHR
text/html 2606:4700:3037::ac43:bb2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.zecops.com/index.php?plugin=optimonk&action=cartData
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/public/108824/js/preload.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e12a57314c9f7c11c08374d438eebcd54e10d076f2f9365306e0af676f1666

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 Jun 2020 09:58:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=2592000
cf-ray: 5a4be9276bea9c57-AMS
cf-request-id: 0363500ca100009c573e10b200000001
expires: Fri, 17 Jul 2020 09:58:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 73 KB
2 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f55d75205858505663ad4abc1bf0b71d2baf3fddf6bc0bc113825fb4cb561118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 09:58:12 GMT
server: ESF
date: Wed, 17 Jun 2020 09:58:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jun 2020 09:58:12 GMT

GET
H2 200 c-check%402x_1587492140207.png
editor-upload-cdn.optimonk.com/userImages/108824/5e9f294deb187e0012741580/ 942 B
1 KB 117ms
20ms Image
application/octet-stream 195.181.175.49
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/108824/5e9f294deb187e0012741580/c-check%402x_1587492140207.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.49 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-47.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 23376bec9a9d326fdd380ba1aa3e13b06d5b7310dd2d4ab36988bd702546a9f7

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
last-modified: Tue, 21 Apr 2020 18:02:21 GMT
server: CDN77-Turbo
x-amz-request-id: 88C3F4C2AD1C57AA
x-edge-location: frankfurtDE
etag: "2c1fea81a7f61017f15a625dab936372"
x-cache: HIT
content-type: application/octet-stream
status: 200
x-edge-ip: 195.181.175.47
x-age: 744417
accept-ranges: bytes
content-length: 942
x-amz-id-2: 53Yxadd5hW6bej6PfTUsV9/EYAMifofT7Cs30FdgrdQ2EOgFJ/mBsyijHDW47xS+2SoS9OBq01o=

GET
H2 200 cover%402x_1587754145260.jpg
editor-upload-cdn.optimonk.com/userImages/108824/5ea2faf4429c7600126513a1/ 51 KB
52 KB 126ms
30ms Image
application/octet-stream 195.181.175.49
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/108824/5ea2faf4429c7600126513a1/cover%402x_1587754145260.jpg
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.49 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-47.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 37cb09f88d75721699e5680432f04c90ebfc8de7b48a1882adc62a6e07f4a9d4

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
last-modified: Fri, 24 Apr 2020 18:49:07 GMT
server: CDN77-Turbo
x-amz-request-id: 014581EA757B32B9
x-edge-location: frankfurtDE
etag: "7a119d9d2dce7cbb1ff00255e82cb120"
x-cache: HIT
content-type: application/octet-stream
status: 200
x-edge-ip: 195.181.175.47
x-age: 466471
accept-ranges: bytes
content-length: 52543
x-amz-id-2: XPiv6ix+Js1zIgX9ge4s0H05fcL9EJFVOJRTqo+5A+Uoj700CfgQCluXojeohj15kNpTZSbKkSE=

GET
H2 200 mobile_bg_1587134766697.png
editor-upload-cdn.optimonk.com/userImages/108824/5ea2faf4429c7600126513a1/ 3 KB
3 KB 139ms
43ms Image
application/octet-stream 195.181.175.49
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/108824/5ea2faf4429c7600126513a1/mobile_bg_1587134766697.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.49 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-47.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 9ee251950976e3f082c3a1cd20a8ef52a98e0371974462f255536da47c18dc4b

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
last-modified: Fri, 24 Apr 2020 14:43:01 GMT
server: CDN77-Turbo
x-amz-request-id: 17811DBFA0CCDB36
x-edge-location: frankfurtDE
etag: "0e463e2dac2ab4d1aeafd81181ffd032"
x-cache: HIT
content-type: application/octet-stream
status: 200
x-edge-ip: 195.181.175.47
x-age: 466471
accept-ranges: bytes
content-length: 2719
x-amz-id-2: Iq0P1eFpv9DHK27Y6Buw2w4SBtrZ7i3IsKmt64dO6MYYNdftTvXtAMxuN+lMPwwVAKTV8vUOO3Y=

GET
H2 200 corner_02_1587131760882.svg
editor-upload-cdn.optimonk.com/userImages/108824/5ea2faf4429c7600126513a1/ 2 KB
957 B 139ms
44ms Image
image/svg+xml 195.181.175.49
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/108824/5ea2faf4429c7600126513a1/corner_02_1587131760882.svg
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.49 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-47.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 0fa93c29353fbbdf900cf2f10556ca20694a8a3866a86305d0425d04dc47d6e3

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
content-encoding: br
last-modified: Fri, 24 Apr 2020 14:43:01 GMT
server: CDN77-Turbo
x-amz-request-id: E28ADAF4D6148488
x-edge-location: frankfurtDE
etag: W/"b8da93b567f2e9c2f7e7ce60a16ac159"
x-cache: HIT
content-type: image/svg+xml
status: 200
x-edge-ip: 195.181.175.47
x-age: 466471
x-amz-id-2: TsKFOYrMx21M4h+8/NdH+fCjk4c3GCeLlbbaizkjnRyK1v4HKIVvFH283iEr33u9g0f5GjEqRMI=

GET
H2 200 popup_bg_2_1587052145677.png
editor-upload-cdn.optimonk.com/userImages/108824/5ea2faf4429c7600126513a1/ 13 KB
14 KB 139ms
44ms Image
application/octet-stream 195.181.175.49
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/108824/5ea2faf4429c7600126513a1/popup_bg_2_1587052145677.png
Requested by: Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.49 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-47.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 56fc1a208aeafdcad6777adbca55d314065f14526c4f1a06617fd53e5e000cd5

Request headers

Referer: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:58:12 GMT
last-modified: Fri, 24 Apr 2020 14:43:01 GMT
server: CDN77-Turbo
x-amz-request-id: E08024C5F2047764
x-edge-location: frankfurtDE
etag: "e4ed2a09bcfcd2728f082558677dd972"
x-cache: HIT
content-type: application/octet-stream
status: 200
x-edge-ip: 195.181.175.47
x-age: 466471
accept-ranges: bytes
content-length: 13812
x-amz-id-2: 4jZRtQqXnmA+HEH67Qtf3MpBR0bNcfbO/czxSZRZWOktX3boHIwp3Kash+Txyu/VBU+j3c0xZEw=

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZSgnz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZSgnz_PZwjimrqw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18bc5f5843d08acbd8118a8146ad41c98ed89435248a88b2035d5300efdf257c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Fri, 12 Jun 2020 13:32:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:03 GMT
server: sffe
age: 419172
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
expires: Sat, 12 Jun 2021 13:32:00 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Wed, 10 Jun 2020 11:30:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:58 GMT
server: sffe
age: 599274
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12504
x-xss-protection: 0
expires: Thu, 10 Jun 2021 11:30:18 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZbgjz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZbgjz_PZwjimrqw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6b7e13124cb6393c4e90d6be4f10bc5c925402e35cbfe3dc01719bc4df6eee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 00:39:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 724713
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:39:39 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 00:22:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 725744
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13516
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:22:28 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZcgvz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZwjimrqw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ad65bc23b5e89eede33126fb52fc00466b31434705b8052e5d776e9170a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 00:24:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:00 GMT
server: sffe
age: 725643
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14028
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:24:09 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZFgrz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZFgrz_PZwjimrqw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf4c70dc28e66696cb4bf0bac4fcaf5f19b9456e07b7265be9a4452651530044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Thu, 11 Jun 2020 05:12:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:53 GMT
server: sffe
age: 535524
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13880
x-xss-protection: 0
expires: Fri, 11 Jun 2021 05:12:48 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Fri, 12 Jun 2020 06:27:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 444630
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Sat, 12 Jun 2021 06:27:42 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZOg3z_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZOg3z_PZwjimrqw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a035f0162bc9e3d98eac0a242126860103682306a236f1cec114de42d477ca02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Thu, 11 Jun 2020 05:21:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:08 GMT
server: sffe
age: 534974
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Fri, 11 Jun 2021 05:21:58 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZYgzz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZYgzz_PZwjimrqw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

967f14653914225c8ecf82d70d4a0458e10db8254460d12b15903e0b6487f0d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Sat, 13 Jun 2020 02:25:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:36 GMT
server: sffe
age: 372769
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13980
x-xss-protection: 0
expires: Sun, 13 Jun 2021 02:25:23 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 03:36:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:37 GMT
server: sffe
age: 714129
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13560
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:36:03 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZBg_z_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZBg_z_PZwjimrqw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef78c9f1ff84bc1bf77758fc0cd8b04ff751afd74da354f8a1a6ff9d4b654520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 22:02:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:39 GMT
server: sffe
age: 647723
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13808
x-xss-protection: 0
expires: Wed, 09 Jun 2021 22:02:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_aZA3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_aZA3gnD_vx3rCs.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101309796941cb9b2ada88c7219a0ba69d37bb42b6aa8843f1068664c3aca401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 22:08:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:33 GMT
server: sffe
age: 647385
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13540
x-xss-protection: 0
expires: Wed, 09 Jun 2021 22:08:27 GMT

GET
H2 200 JTUOjIg1_i6t8kCHKm459WxZqh7k29NfpiOj.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 16ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUOjIg1_i6t8kCHKm459WxZqh7k29NfpiOj.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac28b8436b26a0226e8b3e8fa68f1410997cb405dc6fcad807bdf5aadc33d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 03:42:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:39 GMT
server: sffe
age: 713738
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13088
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:42:34 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm45_QpRyS7m0dR9pA.woff2
fonts.gstatic.com/s/montserrat/v14/ 12 KB
12 KB 15ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUQjIg1_i6t8kCHKm45_QpRyS7m0dR9pA.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c5eb754c98dece70e0d331dd367f6105ff60436aa854c4815577e8f951b42ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Code+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CFira+Mono%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://blog.zecops.com

Response headers

date: Wed, 10 Jun 2020 08:13:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:52 GMT
server: sffe
age: 611096
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12660
x-xss-protection: 0
expires: Thu, 10 Jun 2021 08:13:16 GMT

GET
H2 200 WwkfxPmzE06v_ZW1XnrBGoIAUA.woff2
fonts.gstatic.com/s/gruppo/v10/ 17 KB
17 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gruppo/v10/WwkfxPmzE06v_ZW1XnrBGoIAUA.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

199bb0d0613ad2bf31a7a3502b80e80ed4f879bb73ae563cbf67760f502328e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Wed, 10 Jun 2020 11:04:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:44:15 GMT
server: sffe
age: 600793
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16988
x-xss-protection: 0
expires: Thu, 10 Jun 2021 11:04:59 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Thu, 11 Jun 2020 05:11:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 535608
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Fri, 11 Jun 2021 05:11:24 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Sat, 13 Jun 2020 02:33:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:56 GMT
server: sffe
age: 372259
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9744
x-xss-protection: 0
expires: Sun, 13 Jun 2021 02:33:53 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Tue, 09 Jun 2020 22:05:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 647540
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 09 Jun 2021 22:05:52 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Wed, 10 Jun 2020 11:05:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:02 GMT
server: sffe
age: 600775
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
expires: Thu, 10 Jun 2021 11:05:17 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Thu, 11 Jun 2020 05:02:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 536141
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Fri, 11 Jun 2021 05:02:31 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a4cbe29c8a1c6c2e29b887fd58d9a02b64e7bd113acc77d370b547b9f51545d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Thu, 11 Jun 2020 02:35:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:59 GMT
server: sffe
age: 544991
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9684
x-xss-protection: 0
expires: Fri, 11 Jun 2021 02:35:01 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Thu, 11 Jun 2020 05:23:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 534909
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Fri, 11 Jun 2021 05:23:03 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Wed, 10 Jun 2020 01:08:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:15 GMT
server: sffe
age: 636587
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9416
x-xss-protection: 0
expires: Thu, 10 Jun 2021 01:08:25 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 14ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Wed, 10 Jun 2020 07:58:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:53 GMT
server: sffe
age: 611990
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9192
x-xss-protection: 0
expires: Thu, 10 Jun 2021 07:58:22 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKW-U9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKW-U9hrIqOxjaPX.woff2

Requested by

Host: blog.zecops.com
URL: https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bab0b356d452a6ac7735a73f860787fd845742b9d1843bfb92fac2b75092073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7COpen+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7COswald:200,300,400,500,600,700&display=swap
Origin: https://blog.zecops.com

Response headers

date: Fri, 12 Jun 2020 06:21:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:02 GMT
server: sffe
age: 444987
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9760
x-xss-protection: 0
expires: Sat, 12 Jun 2021 06:21:45 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.zecops.com/	1969-12-31 23:59:59	Name: optiMonkSession Value: 1592387892
blog.zecops.com/	1970-01-19 19:05:23	Name: optiMonkClient Value: N4IgjADAHFBMAsIBcoDGBDZpEpO1ALshADR4AO5xZqATsiAKwCm6sAZuu/PLAJyoA7ADYIEMLGGMwAZnRgQZAHYB7ACbUQBAK6YkpEAGcGASyUmiAXzKMseQpvSVNdBiwBGURhHas1w4XhBMTA+dzBPdw1ldU0dPQNjJBAzCxBLaxB2ADdkMEY+WBkoQShCsgAbXKR8wuLS8pBVcmqwDKA==
.zecops.com/	1970-01-19 11:02:59	Name: __cfduid Value: d25b332a6cd0337891bb35d746c54c6e51592387890

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://blog.zecops.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.zecops.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn-content.optimonk.com
cdn-static.optimonk.com
cdn.mouseflow.com
count-server.sharethis.com
editor-upload-cdn.optimonk.com
fonts.googleapis.com
fonts.gstatic.com
front.optimonk.com
l.sharethis.com
platform-api.sharethis.com
platform-cdn.sharethis.com
px.ads.linkedin.com
s.w.org
snap.licdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.zecops.com
167.99.251.246
18.195.176.77
192.0.77.48
195.181.175.46
195.181.175.49
195.181.175.51
23.111.9.38
2600:9000:2182:3000:c:a9b7:ddc0:93a1
2600:9000:2182:a000:1d:85c3:6640:93a1
2600:9000:2182:b400:c:abe:f440:93a1
2600:9000:2182:fa00:1c:8a07:5e80:93a1
2606:4700:3037::ac43:bb2e
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
2a00:1450:4001:819::2003
2a00:1450:4001:819::2004
2a00:1450:4001:825::2008
2a00:1450:400c:c00::9b
2a02:26f0:10c:39e::25ea
2a05:f500:10:101::b93f:9105
3.223.112.50
035dbb332037081e3284c7d52e699439ffadf14a691bf17a65d93ca1a68eb64a
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
058ad65bc23b5e89eede33126fb52fc00466b31434705b8052e5d776e9170a2a
0af588501b16a3e379e218a61780849765d8acb81ca549e70d9df59b7a7c0dfe
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8
0fa93c29353fbbdf900cf2f10556ca20694a8a3866a86305d0425d04dc47d6e3
0ff2aebb3d345f27358834b62ba1acef158074a183fa01cc1147f8c47b9ccfce
101309796941cb9b2ada88c7219a0ba69d37bb42b6aa8843f1068664c3aca401
1633fa127f33d6a7db4b45e31e2f3258434fd37a1d391522905888931a5be93c
18bc5f5843d08acbd8118a8146ad41c98ed89435248a88b2035d5300efdf257c
18e02d57c21d12f6a6a15787a18bfea58bc95887c2a21b23c4381b070c17472a
199bb0d0613ad2bf31a7a3502b80e80ed4f879bb73ae563cbf67760f502328e0
1aaa6eec27a87a5db38bc737452200178c34c4356fc6b8031fddc07e96c4c901
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a
1f4253e2bd8e31a6a8d3724f1677b0c1a8c09f5fa1319b047d5b3540d16045fc
20d67dc1d22cadd6326639e1510929bd3bfdefe7a3a4bd2d78160514b3aa6f50
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22b58a4db86c1b3f60e95c940854307c2eb2ef74e4a3898b46f9f5adf6d34cdb
23376bec9a9d326fdd380ba1aa3e13b06d5b7310dd2d4ab36988bd702546a9f7
24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2da171deb90da583dc32b200cffee0535c00362dfe45fb3bc8df7e8f58e982e6
37cb09f88d75721699e5680432f04c90ebfc8de7b48a1882adc62a6e07f4a9d4
41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43cfc30ed579cb87ef7747cef5ea1b416e64b3622147d1fc0e432b2c65ec4b20
46e12a57314c9f7c11c08374d438eebcd54e10d076f2f9365306e0af676f1666
48d9d46f411b69048e67189844d87d4a4ed54b73298efb16c1109fdd5f8cd257
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4912571636faec089efde2f425788bef6e3b2f9d847e98fbccd494caae338e03
4999f4d77d560c9fe7661a50ee67ceceded60874b3d461dfc43c6fe3a02125f4
4b41f34a9aa8cb7df0efec50389b7a21656bce670e9606f79e81fd85d6965e57
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4f3609c9c0421133a949705dbdf62b7cc489278e96eb6389bcbd6b347cd119b1
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56fc1a208aeafdcad6777adbca55d314065f14526c4f1a06617fd53e5e000cd5
5805bce3534a5504a2daa5b5324ff14498df7f2e863ecd566458cc4f1df8d5d5
588eeb6394c42d2d83fd723d3db81b266d115ef046be36bd39fa9f46b765e2a7
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
61d09839f8532e5638a2950a06890d8ec95520efd82912695f31975443744613
61dc93914b1acdeb58d7dd7a3ddfe0a7ef5c1adce030697f4a754683076a63a1
65c019e47166a534b5f1e162aa526bacad683bfa2e90e8efe3a1592021472f48
67feadb2cf584943bbd1849013c8e1a01177c2b22005d1da4ad1f51c1c683185
69a270b8516b01e9d59ed94b7fc69503eb08a475e81fc87f582c690851dee3cd
6c7c72d36f65a8575b4136f3f5ef30b8fa11f0430bc07e7370cccca0b1cae390
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a4cbe29c8a1c6c2e29b887fd58d9a02b64e7bd113acc77d370b547b9f51545d
7c5eb754c98dece70e0d331dd367f6105ff60436aa854c4815577e8f951b42ed
7c91018a6dd3f65e8cf561ef0b42aa05a89465e9ed70b2cc78e5c064b6ea11d7
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
83b471816b2cfa34979c6ccf0cbc1ac1cc62d87678ea36743f6b291fa0227645
8b2f62551474b1c82796d3b834d9a56896997fcd56cc08ce1a8b2690f7adc028
91d78fecdfd3598599ac9b376ef655c63333afc9930b93dcfc99c12fab5294b6
967f14653914225c8ecf82d70d4a0458e10db8254460d12b15903e0b6487f0d6
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
9a0ff25b7c074890ae406ee9811f70922c44b9ed9da5e68f4138db8b02f56d32
9ad58bb5360bb0ac3964d9af1781d36e4e91e91be40e506bf6a174be865b7e4e
9bab0b356d452a6ac7735a73f860787fd845742b9d1843bfb92fac2b75092073
9ee251950976e3f082c3a1cd20a8ef52a98e0371974462f255536da47c18dc4b
a035f0162bc9e3d98eac0a242126860103682306a236f1cec114de42d477ca02
a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
a6b7e13124cb6393c4e90d6be4f10bc5c925402e35cbfe3dc01719bc4df6eee4
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
aa96b89659f8faabd7965ec036250e4f3a540a64aa8052c964f49854d1296628
aecbe5a6f9da11593df75bb5d078c12e712bdb9387472faecbfd46191ffab054
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b42a31843df2ba82c10c040287815bd8ca753f2b98ae6bd378ad1eb42137e0e5
b4d827717bd14ad21b65f3b155f304318b4a354f7fe877633e10a69dad1377f8
b5504fb4cfc85c849c966674e05316834df44e820d4ffb54253d15211e758511
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bbb1f43277c639d1f5f1553cb604eda96b0fb18b6cdddd7013389163d078141c
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bdf0ff4d784f7cc33bdfe014b90c2be1b79799ba7b4c0c8caf962cac96e03007
be1b02528fc6c1dd8eede8d42123784a4b058e5d49cfe1228fd51694eaca8de8
bf4c70dc28e66696cb4bf0bac4fcaf5f19b9456e07b7265be9a4452651530044
c13d2486793a00c548b8d18157a4ff7bb360d145ed093a1c3d6f729a9fbbeaf0
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cdf0a15779d8618e6ee8d7147ea5630ec89254e5b3b58442dc856a62a5bbfbd9
ce02494f62ec59d24a6269c9a2d3095dc2575e1da0f3409c3ee8080c496efe72
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
d8d26e64943901b4267d4be0e80ea5edfee8e7c2b7c4802ba112ffbf7ff48a84
e02efec98d48494053b65a31e7b8497a40495b99cbd6b84266804defe1470509
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
eb567d9bafc7064a86cd894d15a4a43073fe20789bafc64a47ac5efcf7a78285
edafd4a386b7df2b635342ec8173c93d1d4f1b3b2a0374fc16bc00ebb5a96546
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef78c9f1ff84bc1bf77758fc0cd8b04ff751afd74da354f8a1a6ff9d4b654520
f009819b4f72be371abc18ec79e99a31f5431fa832b05b9702813ea488c23f1f
f1ac28b8436b26a0226e8b3e8fa68f1410997cb405dc6fcad807bdf5aadc33d3
f29b92db1da38b76eb101f850d96b0a5b30d0ef692270512636bda16ad39330e
f3fcb25354cf1e6fe068a6a83a9819574421125e1f475d0a4eac07aa912b4dd4
f55d75205858505663ad4abc1bf0b71d2baf3fddf6bc0bc113825fb4cb561118
f6dbe14add75213dda8d3878ac932bc4edee8b800a5b1442e9cb3bb9a7342aa6
f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fe69f27e8d524113d66ad6a9f76747a7ccc18c4d599262590d0a85fb76469eb5
ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

blog.zecops.com Open in urlscan Pro 2606:4700:3037::ac43:bb2e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

111 Requests

100 %HTTPS

65 %IPv6

15 Domains

24 Subdomains

20 IPs

5 Countries

2043 kBTransfer

4115 kBSize

3 Cookies

35 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.zecops.com Open in urlscan Pro
2606:4700:3037::ac43:bb2e Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

100 %
HTTPS

65 %
IPv6

15
Domains

24
Subdomains

20
IPs

5
Countries

2043 kB
Transfer

4115 kB
Size

3
Cookies

111 HTTP transactions
0 data transactions