www.pwntester.com Open in urlscan Pro
2606:4700:30::681c:537  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/	13 KB 5 KB	219ms 167ms	Document text/html	2606:4700:30::681c:537 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol HTTP/1.1 Server 2606:4700:30::681c:537 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 410447aff8907e4652adaf8e1bcf90119fa0da877cb30be67db3c735ab0bba7c Request headers Host www.pwntester.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 06:40:27 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d6bb2b3ceb47b38827acdf8cdc65cbf081574059227; expires=Tue, 17-Nov-20 06:40:27 GMT; path=/; domain=.pwntester.com; HttpOnly Last-Modified Thu, 24 Oct 2019 20:43:12 GMT Access-Control-Allow-Origin * Expires Mon, 18 Nov 2019 06:50:27 GMT Cache-Control max-age=600 X-Proxy-Cache MISS X-GitHub-Request-Id 461A:2ACA:55EB9:750D6:5DD23CDB Via 1.1 varnish Age 0 X-Served-By cache-hhn4067-HHN X-Cache MISS X-Cache-Hits 0 X-Timer S1574059228.833789,VS0,VE97 Vary Accept-Encoding X-Fastly-Request-ID 334eb17f94ac84a4f749824032cad9745b99779e CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 5377f3fdafd159fa-VIE Content-Encoding gzip
GET H/1.1	200 OK	main-rendered.min.css www.pwntester.com/styles/	22 KB 6 KB	396ms 395ms	Stylesheet text/css	2606:4700:30::681c:537 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.pwntester.com/styles/main-rendered.min.css Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol HTTP/1.1 Server 2606:4700:30::681c:537 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash f0eb46842b32fccbb1741c8c57306a4fd8826b7e5e46e36dd782f0181a3d3aed Request headers Referer http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Fastly-Request-ID fba75c9248c139b5c9d5e23f4be9568839d1c269 Date Mon, 18 Nov 2019 06:40:28 GMT Content-Encoding gzip CF-Cache-Status MISS X-Cache MISS Connection keep-alive Content-Length 5316 Via 1.1 varnish X-Served-By cache-hhn4073-HHN Last-Modified Thu, 24 Oct 2019 20:43:12 GMT Server cloudflare X-GitHub-Request-Id B12C:4E2D:26E382:33113B:5DD23CDC X-Timer S1574059228.989758,VS0,VE349 ETag W/"5db20ce0-5854" Vary Accept-Encoding Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Expires Mon, 18 Nov 2019 06:50:28 GMT Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5377f3fec89859fa-VIE X-Proxy-Cache MISS X-Cache-Hits 0
GET H2	200	css fonts.googleapis.com/	2 KB 561 B	18ms 15ms	Stylesheet text/css	2a00:1450:4001:820::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lobster Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 2877f94e91cf9654c17da5c848599e3422e57337037c804d0dc8b9d119156d31 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://www.pwntester.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Mon, 18 Nov 2019 06:40:27 GMT server ESF access-control-allow-origin * date Mon, 18 Nov 2019 06:40:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin x-xss-protection 0 expires Mon, 18 Nov 2019 06:40:27 GMT
GET H/1.1	200 OK	avatar.jpeg www.pwntester.com/images/	17 KB 18 KB	252ms 236ms	Image image/jpeg	2606:4700:30::681c:537 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.pwntester.com/images/avatar.jpeg Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol HTTP/1.1 Server 2606:4700:30::681c:537 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 1f6ed6560de0643d2d27b067053665a321fb000175d6fc8e6db42d19aaed4761 Request headers Referer http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Fastly-Request-ID 2b1dc6607030ea840e3fad05c25b5802e7b2b433 Date Mon, 18 Nov 2019 06:40:28 GMT Via 1.1 varnish CF-Cache-Status MISS X-Cache MISS Connection keep-alive Content-Length 17443 X-Served-By cache-hhn4058-HHN Last-Modified Thu, 24 Oct 2019 20:43:12 GMT Server cloudflare X-GitHub-Request-Id DCCE:015E:246D95:2FA8ED:5DD23CDB X-Timer S1574059228.012072,VS0,VE173 ETag "5db20ce0-4423" Vary Accept-Encoding Content-Type image/jpeg Access-Control-Allow-Origin * Expires Mon, 18 Nov 2019 06:50:28 GMT Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5377f3fede75cbac-VIE X-Proxy-Cache MISS X-Cache-Hits 0
GET H/1.1	200 OK	grey-prism.svg www.pwntester.com/images/	7 KB 2 KB	156ms 141ms	Image image/svg+xml	2606:4700:30::681c:537 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.pwntester.com/images/grey-prism.svg Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol HTTP/1.1 Server 2606:4700:30::681c:537 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash d3825b0ace9b9b3ee20ef336633e486efdc951ae02b5f1c731c1fdca22373a67 Request headers Referer http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Fastly-Request-ID c833674c7d57879be6075b430952e3e24f84fa80 Date Mon, 18 Nov 2019 06:40:28 GMT Content-Encoding gzip CF-Cache-Status MISS X-Cache MISS Connection keep-alive Content-Length 1284 Via 1.1 varnish X-Served-By cache-hhn4051-HHN Last-Modified Thu, 24 Oct 2019 20:43:12 GMT Server cloudflare X-GitHub-Request-Id 0CC6:1AFE:26D0EE:32A08E:5DD23CDB X-Timer S1574059228.008858,VS0,VE90 ETag W/"5db20ce0-1de6" Vary Accept-Encoding Content-Type image/svg+xml Access-Control-Allow-Origin * Expires Mon, 18 Nov 2019 06:50:28 GMT Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5377f3feed6c597c-VIE X-Proxy-Cache MISS X-Cache-Hits 0
GET H2	200	medium-zoom.min.js Show response cdn.jsdelivr.net/npm/medium-zoom@1.0.2/dist/	9 KB 3 KB	8ms 7ms	Script application/javascript	2a04:4e42:1b::621 Fastly
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/medium-zoom@1.0.2/dist/medium-zoom.min.js Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash 1845f5edf6a4ff8114d88b86641171a044c7ec8ae0814f5d01a3b0ae1a2b7b62 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://www.pwntester.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-cache HIT, HIT status 200 date Mon, 18 Nov 2019 06:40:27 GMT content-length 2957 x-served-by cache-ams21047-AMS, cache-hhn4076-HHN etag W/"23e2-JKGntxlmvbF+R7eey9kpkrQ5vy4" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	video-js.min.css cdn.jsdelivr.net/npm/video.js@7.3.0/dist/	35 KB 10 KB	10ms 9ms	Stylesheet text/css	2a04:4e42:1b::621 Fastly
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/video.js@7.3.0/dist/video-js.min.css Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash 9ae8eacf58c6f1d8dc071a099ef7ef4c88d1c73ef2e71369cd8d7cc7c6aee5c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://www.pwntester.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-cache HIT, HIT status 200 date Mon, 18 Nov 2019 06:40:27 GMT content-length 9673 x-served-by cache-ams21025-AMS, cache-hhn4076-HHN etag W/"8c9e-BlrI27Rf+Bz0oHnzQsQCLV+8vn4" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	devmode-1.png www.pwntester.com/images/octopress/	32 KB 32 KB	160ms 160ms	Image image/png	2606:4700:30::681c:537 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.pwntester.com/images/octopress/devmode-1.png Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol HTTP/1.1 Server 2606:4700:30::681c:537 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash fa6523ccf67cc8c378cd6458bb833ae7c8420a05df29cc477e18120acecc28dd Request headers Referer http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Fastly-Request-ID 7e7b997c8cfd9d5fe8c19e3c470a824b56b06287 Date Mon, 18 Nov 2019 06:40:28 GMT Via 1.1 varnish CF-Cache-Status MISS X-Cache MISS Connection keep-alive Content-Length 32357 X-Served-By cache-hhn4047-HHN Last-Modified Thu, 24 Oct 2019 20:43:12 GMT Server cloudflare X-GitHub-Request-Id 75B4:091F:3DAB5:55BCA:5DD23CDB X-Timer S1574059228.237879,VS0,VE99 ETag "5db20ce0-7e65" Vary Accept-Encoding Content-Type image/png Access-Control-Allow-Origin * Expires Mon, 18 Nov 2019 06:50:28 GMT Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5377f40059c9cbac-VIE X-Proxy-Cache MISS X-Cache-Hits 0
GET H/1.1	200 OK	devmode-2.png www.pwntester.com/images/octopress/	199 KB 199 KB	176ms 176ms	Image image/png	2606:4700:30::681c:537 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.pwntester.com/images/octopress/devmode-2.png Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol HTTP/1.1 Server 2606:4700:30::681c:537 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 068635591a43cc3e94451ab32764132e6a20f6797b61a9432416fa6c1ae6f694 Request headers Referer http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Fastly-Request-ID 486f55b759d2c9db5959ad0fce8847d5c1cfc978 Date Mon, 18 Nov 2019 06:40:28 GMT Via 1.1 varnish CF-Cache-Status MISS X-Cache MISS Connection keep-alive Content-Length 203518 X-Served-By cache-hhn4032-HHN Last-Modified Thu, 24 Oct 2019 20:43:12 GMT Server cloudflare X-GitHub-Request-Id CCF4:385C:227252:2D541E:5DD23CDB X-Timer S1574059228.307101,VS0,VE91 ETag "5db20ce0-31afe" Vary Accept-Encoding Content-Type image/png Access-Control-Allow-Origin * Expires Mon, 18 Nov 2019 06:50:28 GMT Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5377f400ce43597c-VIE X-Proxy-Cache MISS X-Cache-Hits 0
GET H/1.1	200 OK	email-decode.min.js Show response www.pwntester.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	13ms 13ms	Script application/javascript	2606:4700:30::681c:537 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.pwntester.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol HTTP/1.1 Server 2606:4700:30::681c:537 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 Nov 2019 06:40:28 GMT Content-Encoding gzip Last-Modified Wed, 13 Nov 2019 14:26:54 GMT Server cloudflare X-Frame-Options SAMEORIGIN ETag W/"5dcc12ae-4d7" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=172800, public Transfer-Encoding chunked Connection keep-alive CF-RAY 5377f3ffcdd4597c-VIE Expires Wed, 20 Nov 2019 06:40:28 GMT
GET H2	200	smooth-scroll.min.js Show response cdn.jsdelivr.net/npm/smooth-scroll@15.0.0/dist/	5 KB 2 KB	6ms 6ms	Script application/javascript	2a04:4e42:1b::621 Fastly
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/smooth-scroll@15.0.0/dist/smooth-scroll.min.js Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash 7ef03a98cd50705b7d42ebc72ed9e036fe13e6d6c7d20d859eb227fa18259c91 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://www.pwntester.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-cache HIT, HIT status 200 date Mon, 18 Nov 2019 06:40:28 GMT content-length 2385 x-served-by cache-ams21051-AMS, cache-hhn4076-HHN etag W/"15ba-DDcuEBFLNPdlUP5d7Gm3rzgxu/s" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	video.min.js Show response cdn.jsdelivr.net/npm/video.js@7.3.0/dist/	465 KB 129 KB	9ms 7ms	Script application/javascript	2a04:4e42:1b::621 Fastly
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/video.js@7.3.0/dist/video.min.js Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash 16d37702560216d44315d4081be5ccec9824177098cb30e4cac4d1df8194208e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://www.pwntester.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-cache HIT, HIT status 200 date Mon, 18 Nov 2019 06:40:28 GMT content-length 132183 x-served-by cache-ams21029-AMS, cache-hhn4076-HHN etag W/"74265-e2GRj15b9z2fpjmYVXeY2DyRHBI" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	MathJax.js Show response cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.5/	62 KB 18 KB	21ms 20ms	Script application/javascript	2606:4700::6811:4004 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.5/MathJax.js?config=TeX-AMS-MML_HTMLorMML Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 9ef249bfdc162849bcf2abe8425f5e90bd89fa4fd1588b1a492731c65b2bbfc9 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://www.pwntester.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 18 Nov 2019 06:40:28 GMT content-encoding br cf-cache-status HIT age 10692952 cf-ray 5377f4016ce58c80-VIE status 200 strict-transport-security max-age=15780000; includeSubDomains alt-svc h3-23=":443"; ma=86400 last-modified Fri, 20 Jul 2018 06:00:50 GMT server cloudflare etag W/"5b517a92-f82c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sat, 07 Nov 2020 06:40:28 GMT cache-control public, max-age=30672000 timing-allow-origin * served-in-seconds 0.007
GET H/1.1	200 OK	index.min.js Show response www.pwntester.com/scripts/	2 KB 1 KB	133ms 132ms	Script application/javascript	2606:4700:30::681c:537 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.pwntester.com/scripts/index.min.js Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol HTTP/1.1 Server 2606:4700:30::681c:537 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash dc4b95025dfd82863aaef771db6a6c57c583c43091360985c2bbd17d4fb6cea3 Request headers Referer http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Fastly-Request-ID 0bede084e7cf21da642e52996239b17f81633e8d Date Mon, 18 Nov 2019 06:40:28 GMT Content-Encoding gzip CF-Cache-Status MISS X-Cache MISS Connection keep-alive Content-Length 714 Via 1.1 varnish X-Served-By cache-hhn4074-HHN Last-Modified Thu, 24 Oct 2019 20:43:12 GMT Server cloudflare X-GitHub-Request-Id 50C4:3290:2CE2F:4071E:5DD23CDC X-Timer S1574059228.170148,VS0,VE90 ETag W/"5db20ce0-697" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Expires Mon, 18 Nov 2019 06:50:28 GMT Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 5377f3ffede3597c-VIE X-Proxy-Cache MISS X-Cache-Hits 0
GET H2	200	font_174169_qmgvd10zwbf.woff at.alicdn.com/t/	6 KB 6 KB	65ms 6ms	Font application/octet-stream	47.246.43.252 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://at.alicdn.com/t/font_174169_qmgvd10zwbf.woff Requested by Host: www.pwntester.com URL: http://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 47.246.43.252 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash 3a254e88f97e5c1e6217b8d3f9a5178c39c67f6ebf6aaa51d154919d3082a335 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://www.pwntester.com/styles/main-rendered.min.css Origin http://www.pwntester.com Response headers date Fri, 25 Jan 2019 10:01:22 GMT via cache60.l2de1[0,200-0,H], cache7.l2de1[1,0], cache10.de2[0,200-0,H], cache11.de2[0,0] x-oss-request-id 5C4ADE7297475E330EC5A504 content-md5 f9vRz+p8G5h6cQvtYLhghA== age 25648746 x-cache HIT TCP_MEM_HIT dirn:11:283384455 status 200 x-swift-cachetime 48056819 x-swift-savetime Thu, 18 Jul 2019 04:54:23 GMT content-length 5976 x-oss-object-type Normal last-modified Tue, 13 Nov 2018 07:01:03 GMT server Tengine etag "7FDBD1CFEA7C1B987A710BED60B86084" ali-swift-global-savetime 1548410483 content-type application/octet-stream access-control-allow-origin * cache-control max-age=63072000 x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 17778183737645363895 eagleid 2ff62b9f15740592284478757e x-oss-server-time 59
GET H2	200	TeX-AMS-MML_HTMLorMML.js Show response cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.5/config/	239 KB 66 KB	21ms 20ms	Script application/javascript	2606:4700::6811:4004 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.5/config/TeX-AMS-MML_HTMLorMML.js?V=2.7.5 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.5/MathJax.js?config=TeX-AMS-MML_HTMLorMML Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash f380ca5d5257b34fc5f0e4cccd7e1447dd3dfa3b65e06ed23f2a4f6af17e19f0 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://www.pwntester.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 18 Nov 2019 06:40:28 GMT content-encoding br cf-cache-status HIT age 12451399 cf-ray 5377f4026d5a8c80-VIE status 200 strict-transport-security max-age=15780000; includeSubDomains alt-svc h3-23=":443"; ma=86400 last-modified Fri, 20 Jul 2018 06:00:50 GMT server cloudflare etag W/"5b517a92-3bc8f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sat, 07 Nov 2020 06:40:28 GMT cache-control public, max-age=30672000 timing-allow-origin * served-in-seconds 0.021
GET BLOB	200 OK	0546c1b1-8cad-45cd-9bd9-4c01bf3c5323 http://www.pwntester.com/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:http://www.pwntester.com/0546c1b1-8cad-45cd-9bd9-4c01bf3c5323 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/video.js@7.3.0/dist/video.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| mediumZoom function| SmoothScroll object| html object| body object| menuToggle object| menuIcon object| siteMenu object| socialMenu object| toTopBtn object| zoomables function| randomErrorEmoji number| lastPosition boolean| ticking object| MathJax object| vttjs function| WebVTT function| videojs

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pwntester.com/	1970-01-19 13:59:55	Name: __cfduid Value: d6bb2b3ceb47b38827acdf8cdc65cbf081574059227

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.alicdn.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
www.pwntester.com
2606:4700:30::681c:537
2606:4700::6811:4004
2a00:1450:4001:820::200a
2a04:4e42:1b::621
47.246.43.252
068635591a43cc3e94451ab32764132e6a20f6797b61a9432416fa6c1ae6f694
16d37702560216d44315d4081be5ccec9824177098cb30e4cac4d1df8194208e
1845f5edf6a4ff8114d88b86641171a044c7ec8ae0814f5d01a3b0ae1a2b7b62
1f6ed6560de0643d2d27b067053665a321fb000175d6fc8e6db42d19aaed4761
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2877f94e91cf9654c17da5c848599e3422e57337037c804d0dc8b9d119156d31
3a254e88f97e5c1e6217b8d3f9a5178c39c67f6ebf6aaa51d154919d3082a335
410447aff8907e4652adaf8e1bcf90119fa0da877cb30be67db3c735ab0bba7c
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7ef03a98cd50705b7d42ebc72ed9e036fe13e6d6c7d20d859eb227fa18259c91
9ae8eacf58c6f1d8dc071a099ef7ef4c88d1c73ef2e71369cd8d7cc7c6aee5c9
9ef249bfdc162849bcf2abe8425f5e90bd89fa4fd1588b1a492731c65b2bbfc9
d3825b0ace9b9b3ee20ef336633e486efdc951ae02b5f1c731c1fdca22373a67
dc4b95025dfd82863aaef771db6a6c57c583c43091360985c2bbd17d4fb6cea3
f0eb46842b32fccbb1741c8c57306a4fd8826b7e5e46e36dd782f0181a3d3aed
f380ca5d5257b34fc5f0e4cccd7e1447dd3dfa3b65e06ed23f2a4f6af17e19f0
fa6523ccf67cc8c378cd6458bb833ae7c8420a05df29cc477e18120acecc28dd