servicenger.com Open in urlscan Pro
216.10.246.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Submission: On May 30 via api (May 30th 2020, 1:03:34 pm UTC) from US

Summary HTTP 28 Redirects Links 5 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 216.10.246.5, located in India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is servicenger.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 30th 2020. Valid for: 3 months.

This is the only time servicenger.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
23	216.10.246.5 216.10.246.5		394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3		32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de		32934 (FACEBOOK) (FACEBOOK)
28	3

23 216.10.246.5 (India)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)

servicenger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	servicenger.com servicenger.com	480 KB
3	facebook.net connect.facebook.net	171 KB
2	facebook.com www.facebook.com	329 B
28	3

	Domain	Requested by
23	servicenger.com	servicenger.com
3	connect.facebook.net	servicenger.com connect.facebook.net
2	www.facebook.com	servicenger.com connect.facebook.net
28	3

This site contains links to these domains. Also see Links.

Domain
www.vulnano.com
twitter.com
github.com
wordpress.org
alx.media

Subject Issuer	Validity	Valid
servicenger.com Let's Encrypt Authority X3	`2020-04-30` - `2020-07-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Frame ID: C1FC329A19EAD12E2A3F536821B0E053
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

28
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

652 kB
Transfer

1416 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vulnano.com/
Title: dmitry lukyanenko

Search URL Search Domain Scan URL

URL: https://twitter.com/rahulkankrale
Title: https://twitter.com/rahulkakrale

Search URL Search Domain Scan URL

URL: https://github.com/nccgroup/house
Title: House

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: http://alx.media/
Title: Alx

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
servicenger.com/blog/mobile/android-privilege-escalation-techniques/ 27 KB
10 KB 1259ms
718ms Document
text/html 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 4e8c5a9cbdcf43b28c56d2e4fa00eecd8019a2db2db875dac2b2b6ca7ada34cf

Request headers

:method: GET
:authority: servicenger.com
:scheme: https
:path: /blog/mobile/android-privilege-escalation-techniques/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 30 May 2020 13:02:57 GMT
server: nginx/1.17.6
content-type: text/html; charset=UTF-8
content-length: 9932
x-pingback: https://servicenger.com/blog/xmlrpc.php
link: <https://servicenger.com/blog/wp-json/>; rel="https://api.w.org/", <https://servicenger.com/blog/?p=103>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: false

GET
H2 200 style.min.css
servicenger.com/blog/wp-includes/css/dist/block-library/ 52 KB
10 KB 456ms
454ms Stylesheet
text/css 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-includes/css/dist/block-library/style.min.css?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Wed, 29 Apr 2020 21:09:22 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 9824

GET
H2 200 style.css
servicenger.com/blog/wp-content/themes/curver/ 77 KB
22 KB 338ms
337ms Stylesheet
text/css 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/style.css?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 08fd176909ca6267ed963a3c9b1af570158d65dfd07a28ae6cd46c354b5fb924

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes

GET
H2 200 responsive.css
servicenger.com/blog/wp-content/themes/curver/ 7 KB
2 KB 341ms
340ms Stylesheet
text/css 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/responsive.css?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 5db1c8dbea75bf172107763852253962fd9a07403c3d8cbb807eb75136f79407

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 2324

GET
H2 200 all.min.css
servicenger.com/blog/wp-content/themes/curver/fonts/ 56 KB
12 KB 199ms
198ms Stylesheet
text/css 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/fonts/all.min.css?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: c5843a4836523d9da6a9b4e7f6895ab16b6acaff7c0286249e9d7a3167eff483

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 12383

GET
H2 200 jquery.js Show response
servicenger.com/blog/wp-includes/js/jquery/ 95 KB
42 KB 207ms
205ms Script
application/javascript 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Fri, 17 May 2019 17:08:53 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes

GET
H2 200 jquery-migrate.min.js Show response
servicenger.com/blog/wp-includes/js/jquery/ 10 KB
4 KB 456ms
454ms Script
application/javascript 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 4444

GET
H2 200 jquery.flexslider.min.js Show response
servicenger.com/blog/wp-content/themes/curver/js/ 17 KB
7 KB 455ms
454ms Script
application/javascript 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/js/jquery.flexslider.min.js?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: f3dce99e558cff8cbd5f975a0a8682e79de9fc5946878229035cf75e09b51215

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 6726

GET
H2 200 hackerone_award-2.jpg
servicenger.com/blog/wp-content/uploads/2020/05/ 67 KB
68 KB 323ms
321ms Image
image/jpeg 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servicenger.com/blog/wp-content/uploads/2020/05/hackerone_award-2.jpg
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 5b1b80f6b1e536ce7daf107762d21ea29ee684c5859600e7e2498e3006059cbb

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
last-modified: Thu, 28 May 2020 09:03:31 GMT
server: nginx/1.17.6
x-server-cache: false
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 68712

GET
H2 200 village_award.jpg
servicenger.com/blog/wp-content/uploads/2020/05/ 124 KB
125 KB 189ms
187ms Image
image/jpeg 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servicenger.com/blog/wp-content/uploads/2020/05/village_award.jpg
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 17ef8d13ba03050b836d6568ccb9f1c24f8f6d7fdd04411aadfd3e506c809dff

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
last-modified: Thu, 28 May 2020 09:03:48 GMT
server: nginx/1.17.6
x-server-cache: false
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 127470

GET
H2 200 98026674_275052570565661_2396113313286062080_n-520x292.jpg
servicenger.com/blog/wp-content/uploads/2020/05/ 17 KB
17 KB 197ms
196ms Image
image/jpeg 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servicenger.com/blog/wp-content/uploads/2020/05/98026674_275052570565661_2396113313286062080_n-520x292.jpg
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: fa48c41ec842a1b903a3668a5f3740b3c6abcdb6a2127e82bce30211af7931bf

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
last-modified: Mon, 18 May 2020 04:24:33 GMT
server: nginx/1.17.6
x-server-cache: false
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 17641

GET
H2 200 thumb-medium.png
servicenger.com/blog/wp-content/themes/curver/img/ 714 B
753 B 323ms
321ms Image
image/png 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servicenger.com/blog/wp-content/themes/curver/img/thumb-medium.png
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: ccf1d09ac931893c4629b32640e039340c1f26e64978772619cb50b72e229aa9

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 714

GET
H2 200 jquery.fitvids.js Show response
servicenger.com/blog/wp-content/themes/curver/js/ 3 KB
1 KB 170ms
170ms Script
application/javascript 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/js/jquery.fitvids.js?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 9c29ff6cb8ebb7a83af704c02a235b37fd77ce8cc48d87aaef2bfd9727fbd166

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1359

GET
H2 200 jq-sticky-anything.min.js Show response
servicenger.com/blog/wp-content/themes/curver/js/ 5 KB
2 KB 323ms
322ms Script
application/javascript 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/js/jq-sticky-anything.min.js?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: f134232a9a19dd6ab40fd09f335cb368f4441e2573462dea23b6201274d0b70b

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1548

GET
H2 200 scripts.js Show response
servicenger.com/blog/wp-content/themes/curver/js/ 4 KB
1 KB 325ms
322ms Script
application/javascript 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/js/scripts.js?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 318e51f1a63aefe3af80d932c49fc640e032f373a4bdf4db283fe0b71c13b118

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1353

GET
H2 200 comment-reply.min.js Show response
servicenger.com/blog/wp-includes/js/ 2 KB
1 KB 323ms
321ms Script
application/javascript 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-includes/js/comment-reply.min.js?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 07:30:44 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1184

GET
H2 200 wp-embed.min.js Show response
servicenger.com/blog/wp-includes/js/ 1 KB
815 B 323ms
320ms Script
application/javascript 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-includes/js/wp-embed.min.js?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 07:30:44 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 782

GET
H2 200 wp-emoji-release.min.js Show response
servicenger.com/blog/wp-includes/js/ 14 KB
5 KB 321ms
320ms Script
application/javascript 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-includes/js/wp-emoji-release.min.js?ver=5.4.1
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 07:30:44 GMT
server: nginx/1.17.6
x-server-cache: false
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 4928

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

/

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: otxZ90GYhwGw6zAERB2MxYHh09cYlMrZzOTOZA70/hfuIq+F4WzwFXoMy/yp117csfRKSp7gg2eZEYoGCUBL3Q==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 30 May 2020 13:02:58 GMT, Sat, 30 May 2020 13:02:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pre.png
servicenger.com/blog/wp-content/themes/curver/img/ 72 B
102 B 440ms
439ms Image
image/png 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servicenger.com/blog/wp-content/themes/curver/img/pre.png
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: de54d20ec67beddd1b5050d80ea032494652596617c6d31f297028a7efdab7bc

Request headers

Referer: https://servicenger.com/blog/wp-content/themes/curver/style.css?ver=5.4.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 72

GET
H2 200 titillium-light-webfont.woff
servicenger.com/blog/wp-content/themes/curver/fonts/ 24 KB
24 KB 316ms
314ms Font
font/woff 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/fonts/titillium-light-webfont.woff
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 5758d1ad3c6f35962da2c4d2e162cf59ef64dc0954c54171eaa73babbb2af9e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://servicenger.com/blog/wp-content/themes/curver/style.css?ver=5.4.1
Origin: https://servicenger.com

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
content-type: font/woff
status: 200
accept-ranges: bytes
content-length: 24712

GET
H2 200 titillium-semibold-webfont.woff
servicenger.com/blog/wp-content/themes/curver/fonts/ 24 KB
24 KB 316ms
314ms Font
font/woff 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/fonts/titillium-semibold-webfont.woff
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 62ff09a8013f9dfc0f7cbefc6feb180c258818e151aff470902f29ef44342f0d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://servicenger.com/blog/wp-content/themes/curver/style.css?ver=5.4.1
Origin: https://servicenger.com

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
content-type: font/woff
status: 200
accept-ranges: bytes
content-length: 24732

GET
H2 200 fa-solid-900.woff2
servicenger.com/blog/wp-content/themes/curver/fonts/ 74 KB
75 KB 316ms
315ms Font
font/woff2 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/fonts/fa-solid-900.woff2
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://servicenger.com/blog/wp-content/themes/curver/fonts/all.min.css?ver=5.4.1
Origin: https://servicenger.com

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
content-type: font/woff2
status: 200
accept-ranges: bytes
content-length: 76120

GET
H2 200 titillium-regular-webfont.woff
servicenger.com/blog/wp-content/themes/curver/fonts/ 24 KB
24 KB 310ms
309ms Font
font/woff 216.10.246.5
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://servicenger.com/blog/wp-content/themes/curver/fonts/titillium-regular-webfont.woff
Requested by: Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.10.246.5 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 8daaa4ed16297478af007774febefe6ca3674fda47ed73e913b1b583d34883fb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://servicenger.com/blog/wp-content/themes/curver/style.css?ver=5.4.1
Origin: https://servicenger.com

Response headers

date: Sat, 30 May 2020 13:02:58 GMT
last-modified: Mon, 27 Apr 2020 10:41:52 GMT
server: nginx/1.17.6
x-server-cache: false
content-type: font/woff
status: 200
accept-ranges: bytes
content-length: 24696

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 42 KB
11 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.18

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

/

Resource Hash

d2be7803ce22ea4563d3577bf0d5bfa8de3e85a754cf233a65b8cd34a156807c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 10701
x-xss-protection: 0
pragma: public
x-fb-debug: HTz5kfOfheJv9+viIs8m9kRlF85gVIb/ycbtDO5jzVp0aDlxMws1AfV+sBxx8k76rc+YNoKGZKrXDcf1cpkP4g==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 30 May 2020 13:02:58 GMT, Sat, 30 May 2020 13:02:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 877424239430854 Show response
connect.facebook.net/signals/config/ 517 KB
130 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/877424239430854?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

/

Resource Hash

25ae2e68620356a4ffc02a9e914aa1f3f939e6c972e735b1799f1f18d9aceee2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: JXuwTG5HWgVvoo/+l0Tl8PfKVynrjCYqqEwQyAvlMlR0TbTHVrLQuCU0bRxo8Lm3EyZTqemnqjDUB6Atn8/Xfg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 30 May 2020 13:02:58 GMT, Sat, 30 May 2020 13:02:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=877424239430854&ev=PageView&dl=https%3A%2F%2Fservicenger.com%2Fblog%2Fmobile%2Fandroid-privilege-escalation-techniques%2F&rl=&if=false&ts=1590843778706&sw=1600&sh=1200&v=2.9.18&r=stable&a=wordpress-5.4.1-2.0.2&ec=0&o=30&fbp=fb.1.1590843778705.1781633878&it=1590843778555&coo=false&rqm=GET

Requested by

Host: servicenger.com
URL: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:02:58 GMT, Sat, 30 May 2020 13:02:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 30 May 2020 13:02:58 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
71 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://servicenger.com/blog/mobile/android-privilege-escalation-techniques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarypHrlWSg9gALB1Pyh

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 30 May 2020 13:02:59 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://servicenger.com
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery function| fbq function| _fbq object| addComment object| wp object| twemoji

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.servicenger.com/	1970-01-19 12:03:39	Name: _fbp Value: fb.1.1590843778705.1781633878

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://servicenger.com/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
servicenger.com
www.facebook.com
216.10.246.5
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
08fd176909ca6267ed963a3c9b1af570158d65dfd07a28ae6cd46c354b5fb924
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17ef8d13ba03050b836d6568ccb9f1c24f8f6d7fdd04411aadfd3e506c809dff
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
25ae2e68620356a4ffc02a9e914aa1f3f939e6c972e735b1799f1f18d9aceee2
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
318e51f1a63aefe3af80d932c49fc640e032f373a4bdf4db283fe0b71c13b118
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4e8c5a9cbdcf43b28c56d2e4fa00eecd8019a2db2db875dac2b2b6ca7ada34cf
5758d1ad3c6f35962da2c4d2e162cf59ef64dc0954c54171eaa73babbb2af9e2
5b1b80f6b1e536ce7daf107762d21ea29ee684c5859600e7e2498e3006059cbb
5db1c8dbea75bf172107763852253962fd9a07403c3d8cbb807eb75136f79407
62ff09a8013f9dfc0f7cbefc6feb180c258818e151aff470902f29ef44342f0d
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
8daaa4ed16297478af007774febefe6ca3674fda47ed73e913b1b583d34883fb
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9c29ff6cb8ebb7a83af704c02a235b37fd77ce8cc48d87aaef2bfd9727fbd166
a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c5843a4836523d9da6a9b4e7f6895ab16b6acaff7c0286249e9d7a3167eff483
ccf1d09ac931893c4629b32640e039340c1f26e64978772619cb50b72e229aa9
d2be7803ce22ea4563d3577bf0d5bfa8de3e85a754cf233a65b8cd34a156807c
de54d20ec67beddd1b5050d80ea032494652596617c6d31f297028a7efdab7bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f134232a9a19dd6ab40fd09f335cb368f4441e2573462dea23b6201274d0b70b
f3dce99e558cff8cbd5f975a0a8682e79de9fc5946878229035cf75e09b51215
fa48c41ec842a1b903a3668a5f3740b3c6abcdb6a2127e82bce30211af7931bf