urlscan.io logo urlscan.io
SecurityTrails logo

googleprojectzero.blogspot.com Open in urlscan Pro
2a00:1450:400d:80c::2001  Public Scan

Go To Rescan Add Verdict Report
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Submission: On February 02 via api from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 46 HTTP transactions. The main IP is 2a00:1450:400d:80c::2001, located in Ireland and belongs to GOOGLE, US. The main domain is googleprojectzero.blogspot.com. The Cisco Umbrella rank of the primary domain is 794485.
TLS certificate: Issued by GTS CA 1C3 on January 9th 2023. Valid for: 3 months.
This is the only time googleprojectzero.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)
googleprojectzero.blogspot.com
blogger.googleusercontent.com
13    2a00:1450:400d:805::2009 (Ireland)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
www.blogblog.com
4    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 13976
805 KB
12 blogspot.com
googleprojectzero.blogspot.com — Cisco Umbrella Rank: 794485
47 KB
9 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9181
590 KB
4 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 17263
www.blogblog.com — Cisco Umbrella Rank: 35293
2 KB
4 google.com
apis.google.com — Cisco Umbrella Rank: 92
146 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
1 gstatic.com
fonts.gstatic.com
17 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
455 B
46 8
Domain Requested by
13 blogger.googleusercontent.com googleprojectzero.blogspot.com
12 googleprojectzero.blogspot.com googleprojectzero.blogspot.com
9 www.blogger.com googleprojectzero.blogspot.com
www.blogger.com
apis.google.com
4 apis.google.com googleprojectzero.blogspot.com
apis.google.com
www.blogger.com
3 resources.blogblog.com googleprojectzero.blogspot.com
www.blogger.com
2 www.google-analytics.com googleprojectzero.blogspot.com
www.google-analytics.com
1 www.blogblog.com googleprojectzero.blogspot.com
1 fonts.gstatic.com googleprojectzero.blogspot.com
1 pagead2.googlesyndication.com googleprojectzero.blogspot.com
46 9
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Frame ID: C903A2671F19543F253BD87D1965B69C
Requests: 41 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=4838136820032157985&blogName=Project+Zero&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://googleprojectzero.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://googleprojectzero.blogspot.com/&targetPostID=8346187025361860666&blogPostOrPageUrl=https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html&vt=-6881559437832646763&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Frame ID: 67AED7A1E1F4712457301E68679FA12B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Project Zero: Windows Exploitation Tricks: Exploiting Arbitrary File Writes for Local Elevation of Privilege

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

46
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

9
Subdomains

6
IPs

2
Countries

1627 kB
Transfer

2222 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request windows-exploitation-tricks-exploiting.html
googleprojectzero.blogspot.com/2018/04/ 		273 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
14c35a48c019282eb8dedcd57046425ea1e4581176067b2964aae570d7597422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
30809
content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 13:49:32 GMT
etag
W/"06b8beaf0314de20fee9532dd69040e006a7d81c0032dba70438c97afc588a4d"
expires
Thu, 02 Feb 2023 13:49:32 GMT
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 06:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7776
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 13:53:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 02 Feb 2024 06:33:29 GMT
platform.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34733e6f59010024c036b2a25e711808ef85bfcca8e1afd607ba34bfa762bfb6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 13:49:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"d180a2ced31e8f24"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Feb 2023 13:49:32 GMT
image13.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXvmz8B4ID4nH9hJQ0tvME2E2pq_0EjzC7vBBYm7UPBtFJc3RlShmleQ-MJJJW22Ay_Ymz4zR-fIK-lSA20-mj_VV3RRCoOaIhOi72X4xpLBpTO9zxtNKSB59KGc1Qc03QtfDroDNVOzriUzZh... 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXvmz8B4ID4nH9hJQ0tvME2E2pq_0EjzC7vBBYm7UPBtFJc3RlShmleQ-MJJJW22Ay_Ymz4zR-fIK-lSA20-mj_VV3RRCoOaIhOi72X4xpLBpTO9zxtNKSB59KGc1Qc03QtfDroDNVOzriUzZhaLblSFUekMLMDaVgCQySaXz729hqbfbzaD1AwdVA/s600/image13.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e1c3fe321778b934c77edb93ce95bf57c8b91ef133348e1546be1725d978be1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v191"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image13.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54423
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image11.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirsX_stSv3E2YZBug1l9StyJYA4n2jek6Y-k_gAyTUC9Wh0AujUYlHDkkldJC4YA6bdNpjJ6bLGyrXHqwPsN45qFWwxsrXJ3mxiqAexYJEOS7yy6TGMyyBtPZam3k2AMfevTNlq_80_NSDdvUq... 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirsX_stSv3E2YZBug1l9StyJYA4n2jek6Y-k_gAyTUC9Wh0AujUYlHDkkldJC4YA6bdNpjJ6bLGyrXHqwPsN45qFWwxsrXJ3mxiqAexYJEOS7yy6TGMyyBtPZam3k2AMfevTNlq_80_NSDdvUqzMHdmIIaOOaNvzO8H7dptjO39mSugC4_q2NFzh_1/s600/image11.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0643315d70132a06e5fe24ed66b581b4c0514a84323210fd867cb5b086f27301
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v193"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image11.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84827
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image1.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhr_r-JDkYCVp05ut7X_LEMsuSrUFXeMSPMB8FnAkCpPqFQtCujPwpMvkmp3BW9jAg6Tmaw8aMVbMiPHqZeMZC9y0e2HETds97DQFXsoFJ5WjwluCDE40d65RKjvPk9heq7qCzWRF5vN4QXg1Y... 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhr_r-JDkYCVp05ut7X_LEMsuSrUFXeMSPMB8FnAkCpPqFQtCujPwpMvkmp3BW9jAg6Tmaw8aMVbMiPHqZeMZC9y0e2HETds97DQFXsoFJ5WjwluCDE40d65RKjvPk9heq7qCzWRF5vN4QXg1YA81FScFoy-WI7JF4G65nEylhNA7jpxJVnd8T4d7p/s600/image1.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
58674e5c92d36938959112e4ff7641994539eead28acc7dcebead7452a0a7ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v195"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image1.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41529
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image5.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmejLXbVAlYMo31XH0Mbzy2KFzhxyPxQTrO9_4k5n6gIPTP_QjRV50JTs82wdhPc8Agkbz4ONtCc3-ciZ1zc1oEt7hyI3iJZ_TLclmqrCk9w6xcSotuh3RJbqWVWmPIKWDjU9TKVVnxUXqFDI1... 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmejLXbVAlYMo31XH0Mbzy2KFzhxyPxQTrO9_4k5n6gIPTP_QjRV50JTs82wdhPc8Agkbz4ONtCc3-ciZ1zc1oEt7hyI3iJZ_TLclmqrCk9w6xcSotuh3RJbqWVWmPIKWDjU9TKVVnxUXqFDI14CswLDIJCGv9v9nmGb9oX0SLSJHL46HKQbefSgzJ/s600/image5.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a2455fb3c5c967f9e9ee345deb5d0b5cce696817a6ab785c780d11971cc04bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v197"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image5.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27958
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image8.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvg0WH5cPp3fOq_4HBZrQUEJIsz5X13wYyec0xGNBHpcykfXcy2ldDDP62uJmlqZnZbrixW_44Lu7g6_yqdgmU3jl9GuDEtBxxdemXeqym4mHqrTa4UUaK4RH8hhRPT3WKEvpfBY8EOrKbB_dF... 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvg0WH5cPp3fOq_4HBZrQUEJIsz5X13wYyec0xGNBHpcykfXcy2ldDDP62uJmlqZnZbrixW_44Lu7g6_yqdgmU3jl9GuDEtBxxdemXeqym4mHqrTa4UUaK4RH8hhRPT3WKEvpfBY8EOrKbB_dFC2XyIk0sIyNUWr5L8n1AJPQKqgbNcFt21-_gUJBt/s600/image8.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fcfbacdadd9843c423bb4cd7e9ffffaac0b508331f7e38a5c548876b7c03ca74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v199"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image8.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57455
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image2.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUx8OWRQzYSfS3_UKVzkemTm3O6DGGBzM8IspRi-j_eCpAuiZC2-wTw9OWa94lgIw9IlHFdIt_OhAWVim-QirI4q11Y0RtSmB6FGVuAEw3QSt2-Gr2XmUPZrYdJFi2guU8osiD6qgysuYbnG-T... 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUx8OWRQzYSfS3_UKVzkemTm3O6DGGBzM8IspRi-j_eCpAuiZC2-wTw9OWa94lgIw9IlHFdIt_OhAWVim-QirI4q11Y0RtSmB6FGVuAEw3QSt2-Gr2XmUPZrYdJFi2guU8osiD6qgysuYbnG-TB5k-uIOHDGXTYAqWSO5FAiLs0UB1cnUtjSNdmog1/s600/image2.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5739ad03a25371339cc51d7ab88b6b292ee257489a32e384446209df3ccf6df8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v19b"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image2.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80168
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image4.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRTiEVd1Ry6lBwVeHryl9uVZNHQM5iQGnCFpmGOAKrX4ZHZnmww6qlBawpJ9fw2pBkQkDw14BjF249AD8m3wC1TDxwtMZOaRJyNKAv2TdjbXCOnweeMXTkWAXylOJZRmWvPLfR-TTgC9QwtoDH... 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRTiEVd1Ry6lBwVeHryl9uVZNHQM5iQGnCFpmGOAKrX4ZHZnmww6qlBawpJ9fw2pBkQkDw14BjF249AD8m3wC1TDxwtMZOaRJyNKAv2TdjbXCOnweeMXTkWAXylOJZRmWvPLfR-TTgC9QwtoDH0IAWFm7X5xopsrL93xhOqkDxR8gVrQiyQydgBGcF/s600/image4.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aa2ed33599b45dd9ebc9e0e7436e78da3da1abc91b7bb75e9c4a151831736113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v19f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image4.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42151
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image9.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjIVTuK4qymBKeqmIwWXLYS7t1ezT2EX7zcVez9I821uPZPN-3mYazemCExdWsL93nGW43nByMq1mAAPnWF85VPtiPExQzvwGCfVYKI1TJyKvRGCfzRXSmmjU21DB-7K3xTyXFgeduglreJDTiN... 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjIVTuK4qymBKeqmIwWXLYS7t1ezT2EX7zcVez9I821uPZPN-3mYazemCExdWsL93nGW43nByMq1mAAPnWF85VPtiPExQzvwGCfVYKI1TJyKvRGCfzRXSmmjU21DB-7K3xTyXFgeduglreJDTiNO4OZLKJvTgKpSZ03DtCy-AzrQKwLz9yrAQDnwqWf/s600/image9.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
634a7e3648fdc9e851e62f8412ab9ce801d6acdf345e54f0eea5c63c7dcfdba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v19f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image9.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68274
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image7.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgii3bacEynuKvdhHZmFUWvnVddXWWD5_1hSNUXkeIMA0oCTqgtcw9awoTjQwizxLXB76DJBGvABimU_HxmyusFPshW7wh8oUPaL6uDJ9PARtB6KxQ4QnwFKtN2J1dkzrhKXpbxqYFmpPeyPN-F... 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgii3bacEynuKvdhHZmFUWvnVddXWWD5_1hSNUXkeIMA0oCTqgtcw9awoTjQwizxLXB76DJBGvABimU_HxmyusFPshW7wh8oUPaL6uDJ9PARtB6KxQ4QnwFKtN2J1dkzrhKXpbxqYFmpPeyPN-Fz0l4OjRatG4pRfNOVwsg_aWGJm4YFOzCP3zsukC-/s600/image7.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7ae93763c21afc380180835754fa877f700741466dec6b7a7109683ffcdf504a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v19f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image7.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94074
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image3.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi13zX5HxiZohI2lre27NwWH1ZxR_iKsa9BSlwDBJZwKddHrFVhNYwgO7Mn0PXdOi5nj0QPxOlvu9yw-1UfCT1jd73MeerFCSqoWyTf1Y44jcFpPyrjFfoEjLIJWA0wdmuLOpoSJVGMLmI_hlTz... 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi13zX5HxiZohI2lre27NwWH1ZxR_iKsa9BSlwDBJZwKddHrFVhNYwgO7Mn0PXdOi5nj0QPxOlvu9yw-1UfCT1jd73MeerFCSqoWyTf1Y44jcFpPyrjFfoEjLIJWA0wdmuLOpoSJVGMLmI_hlTzKz06mrfks6jAAWTl6PzxDEkwodtSXP3nC-CU0XvM/s600/image3.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9275ae7a783c0be897456eda63150a0f96be8732282d6b3c81d7d08e72af4d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v1a1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image3.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89774
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image12.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC8JiiS_3zM_KZZRvATsUQtXmD4vGn3HnY_KWPeBEuWwO8uVUNgFRFOiaTd0Wi_BF5r7jz6NgNwDfCmEiMVWkfeTZA7ekb7Vr4xNv2Sdpec24Vq2iaJUTm1-VtsCcGpbLnxFu7z422ksnO8j3Y... 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC8JiiS_3zM_KZZRvATsUQtXmD4vGn3HnY_KWPeBEuWwO8uVUNgFRFOiaTd0Wi_BF5r7jz6NgNwDfCmEiMVWkfeTZA7ekb7Vr4xNv2Sdpec24Vq2iaJUTm1-VtsCcGpbLnxFu7z422ksnO8j3Y15V8JSyQVRIkEVLlVmBVypLyj__i2qAHxzgL45lD/s600/image12.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
336f34b820f7d38c29a284758e2755667b4a6ca2dcc6177bd39cb38815800ec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v1a3"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image12.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67607
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image10.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjS0iqZILKHMOSsdFSDVRYqjqV2k7WHMqsZp9IYrcahF3zpLlPBD8p_hM6Thjkkm0JVmSa_d1EkgtJkzbHVMRBtcvj-CeV6Ip1NU_f4EtcLJK6Oz3a4A1uDmPIBFnqtT-LdbWFUoTX8VwuUlAQN... 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjS0iqZILKHMOSsdFSDVRYqjqV2k7WHMqsZp9IYrcahF3zpLlPBD8p_hM6Thjkkm0JVmSa_d1EkgtJkzbHVMRBtcvj-CeV6Ip1NU_f4EtcLJK6Oz3a4A1uDmPIBFnqtT-LdbWFUoTX8VwuUlAQNxr3n5JWdqRcXB1F-G01Kk3N8gkchKBKlxKJnjs3L/s600/image10.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7f658a22f8432dd41b3efa9e7ed0618a21a2787d3c24c4cb321223a854b3c210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v1a5"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image10.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39605
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
image6.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwBitIhP3gnCniZfE0rovCV-St1QFVkPR9za5vIBwZHD6ja0fb-JdXacUlPzzYkk9-6RqkmPHmdGOVpGQUI3kbDKldqzRRCSs_8y8pGsoLyvhtcwSbRWYRk7Ew2gtKEYhLgQ31sY_PuMa1OZq6... 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwBitIhP3gnCniZfE0rovCV-St1QFVkPR9za5vIBwZHD6ja0fb-JdXacUlPzzYkk9-6RqkmPHmdGOVpGQUI3kbDKldqzRRCSs_8y8pGsoLyvhtcwSbRWYRk7Ew2gtKEYhLgQ31sY_PuMa1OZq6i8VSil-w_lMjr5p0GnxLRJpBBBWT1XViTuNQgm2b/s600/image6.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0c65844f40fcede4e2e4dd36edb3bcafb1ee0208efe453d1cbbfa4a794944c40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v1a6"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="image6.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74543
x-xss-protection
0
expires
Fri, 03 Feb 2023 13:49:33 GMT
icon18_edit_allbkg.gif
resources.blogblog.com/img/ 		162 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_edit_allbkg.gif
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 13:40:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 Jan 2023 04:53:50 GMT
server
sffe
age
259740
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 06 Feb 2023 13:40:32 GMT
3469866930-comment_from_post_iframe.js
www.blogger.com/static/v1/jsbin/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12b91cbf31131a10b1fc2aa05047c027caeac0d6e0ca5deadf418fff63d68082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:51:01 GMT
x-content-type-options
nosniff
age
248311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17447
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 03:49:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 30 Jan 2024 16:51:01 GMT
cookienotice.js
googleprojectzero.blogspot.com/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/js/cookienotice.js
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 17:16:43 GMT
x-content-type-options
nosniff
age
419569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6513
x-xss-protection
0
last-modified
Sat, 28 Jan 2023 14:49:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 04 Feb 2023 17:16:43 GMT
1149436903-widgets.js
www.blogger.com/static/v1/widgets/ 		153 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1149436903-widgets.js
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0be22b96c9fb0154d3a4efd00097bb97c624446c4246ee389fee0e3bf4b5ffad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:11:58 GMT
x-content-type-options
nosniff
age
2254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156534
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 22:51:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 02 Feb 2024 13:11:58 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 12:54:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3282
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 02 Feb 2023 14:54:50 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4838136820032157985&zx=2a94a388-0139-4601-9b56-a784566491b4
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Thu, 02 Feb 2023 13:49:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 13:49:32 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ 		179 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4de0c639402f753e4ce8774bacf84a2a92dbec34534fd680c3540f635552e8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 22:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60729
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Jan 2024 22:29:42 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 17:58:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
71444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Feb 2023 17:58:48 GMT
share_buttons_20_3.png
www.blogger.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/share_buttons_20_3.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 23:24:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 Jan 2023 15:51:51 GMT
server
sffe
age
224687
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5080
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 06 Feb 2023 23:24:45 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleprojectzero.blogspot.com/
Origin
https://googleprojectzero.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 16:07:18 GMT
x-content-type-options
nosniff
age
596534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jan 2024 16:07:18 GMT
paging_dot.png
www.blogblog.com/1kt/simple/ 		99 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogblog.com/1kt/simple/paging_dot.png
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e3869a752d8d7cfad487a6f4e2def12daa851373a9cce97dcc4a96523501dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 15:42:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 26 Jan 2023 02:53:00 GMT
server
sffe
age
598001
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 02 Feb 2023 15:42:51 GMT
/
googleprojectzero.blogspot.com/ 		571 B
354 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/?action=getTitles&widgetId=BlogArchive1&widgetType=BlogArchive&responseType=js&path=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2023
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0682ebf861b2d89e5a499ce73256f1069e531a0d5df97a905cdd6fd9827766c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
etag
"2a94a388-0139-4601-9b56-a784566491b4"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 13:49:33 GMT
collect
www.google-analytics.com/j/ 		2 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=847136801&t=pageview&_s=1&dl=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2018%2F04%2Fwindows-exploitation-tricks-exploiting.html&ul=en-us&de=UTF-8&dt=Project%20Zero%3A%20Windows%20Exploitation%20Tricks%3A%20Exploiting%20Arbitrary%20File%20Writes%20for%20Local%20Elevation%20of%20Privilege&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1294286114&gjid=1679936566&cid=1110389046.1675345773&tid=UA-240546891-1&_gid=1621044160.1675345773&_r=1&_slc=1&z=102712757
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleprojectzero.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 13:49:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://googleprojectzero.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
navbar.g
www.blogger.com/ Frame 67AE 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=4838136820032157985&blogName=Project+Zero&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://googleprojectzero.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://googleprojectzero.blogspot.com/&targetPostID=8346187025361860666&blogPostOrPageUrl=https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html&vt=-6881559437832646763&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e2abe52c476eddc180fcf05fe972e56fce03d38baf3deb46505db275cd74838
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleprojectzero.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2676
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 13:49:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4838136820032157985&zx=2a94a388-0139-4601-9b56-a784566491b4
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Thu, 02 Feb 2023 13:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 13:49:33 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 67AE 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=4838136820032157985&blogName=Project+Zero&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://googleprojectzero.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://googleprojectzero.blogspot.com/&targetPostID=8346187025361860666&blogPostOrPageUrl=https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html&vt=-6881559437832646763&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b04130b467e99434f0fb6dfab008b6b3a45a769e415a2c279fd33211381f132
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 13:49:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"79ab95d7605f8093"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Feb 2023 13:49:33 GMT
icons_peach.png
resources.blogblog.com/img/navbar/ Frame 67AE 		907 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/icons_peach.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=4838136820032157985&blogName=Project+Zero&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://googleprojectzero.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://googleprojectzero.blogspot.com/&targetPostID=8346187025361860666&blogPostOrPageUrl=https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html&vt=-6881559437832646763&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 11:44:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Feb 2023 18:53:01 GMT
server
sffe
age
7512
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
907
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 09 Feb 2023 11:44:21 GMT
arrows-light.png
resources.blogblog.com/img/navbar/ Frame 67AE 		117 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/arrows-light.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=4838136820032157985&blogName=Project+Zero&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://googleprojectzero.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://googleprojectzero.blogspot.com/&targetPostID=8346187025361860666&blogPostOrPageUrl=https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html&vt=-6881559437832646763&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 14:34:00 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Jan 2023 05:53:57 GMT
server
sffe
age
515733
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 03 Feb 2023 14:34:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ Frame 67AE 		132 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42f517b3a4cebf14bbe5a56955ccc06f82104d7d6e7430a5a4c8f104e12026a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 11:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
526237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45325
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 11:38:56 GMT
/
googleprojectzero.blogspot.com/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/?action=getTitles&widgetId=BlogArchive1&widgetType=BlogArchive&responseType=js&path=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2022
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7ad09ac98ab03f6e7469655d303970f2927fcccdce7917418effb59b64ae2061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
etag
"2a94a388-0139-4601-9b56-a784566491b4"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1023
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 13:49:33 GMT
2678123480-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 		35 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/v-css/2678123480-lightbox_bundle.css
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1149436903-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fadbf46a35a66cfd5d6a034520f2dc057100d46ab01a85d6ce482877f43438b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 02:04:12 GMT
x-content-type-options
nosniff
age
128721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36186
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 23:23:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 01 Feb 2024 02:04:12 GMT
3933162793-lbx.js
www.blogger.com/static/v1/jsbin/ 		368 KB
368 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/jsbin/3933162793-lbx.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1149436903-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2009 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f7baf3444a5682eef4e2f61a3412c05fa85a3d9e2b6bc2b614d617f4a5e4e91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 02:04:12 GMT
x-content-type-options
nosniff
age
128721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
376411
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 23:23:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 01 Feb 2024 02:04:12 GMT
/
googleprojectzero.blogspot.com/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/?action=getTitles&widgetId=BlogArchive1&widgetType=BlogArchive&responseType=js&path=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2021
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
87ad593af93cf9c61a525f2353d144f9e39424c2728faa357827170c2665605b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
etag
"2a94a388-0139-4601-9b56-a784566491b4"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1144
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 13:49:34 GMT
/
googleprojectzero.blogspot.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/?action=getTitles&widgetId=BlogArchive1&widgetType=BlogArchive&responseType=js&path=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2020
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9d7c1c980d3e8021bcec0116026bee6635e0c66e104211b7c1268727b9b7a6b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
etag
"2a94a388-0139-4601-9b56-a784566491b4"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1594
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 13:49:34 GMT
/
googleprojectzero.blogspot.com/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/?action=getTitles&widgetId=BlogArchive1&widgetType=BlogArchive&responseType=js&path=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2019
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
35282020832822a7abaefe2a8e07e0dda06d97775400bb07c184d1034c4fee6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
etag
"2a94a388-0139-4601-9b56-a784566491b4"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1238
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 13:49:34 GMT
/
googleprojectzero.blogspot.com/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/?action=getTitles&widgetId=BlogArchive1&widgetType=BlogArchive&responseType=js&path=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2018
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
311b90faf91944f8dcad10a0e608c1050075e779cd89abfc403b68c368cbb273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
etag
"2a94a388-0139-4601-9b56-a784566491b4"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1015
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 13:49:34 GMT
/
googleprojectzero.blogspot.com/ 		3 KB
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/?action=getTitles&widgetId=BlogArchive1&widgetType=BlogArchive&responseType=js&path=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2017
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c4dd25289b33f18cb5a2c98436e6453e66e774d01d18dae07c83f555acfbf28b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
etag
"2a94a388-0139-4601-9b56-a784566491b4"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
951
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 13:49:35 GMT
/
googleprojectzero.blogspot.com/ 		3 KB
896 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/?action=getTitles&widgetId=BlogArchive1&widgetType=BlogArchive&responseType=js&path=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2016
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6544fa005c9004d767ab0261e458b11ad721d0319955fc42e270be33ffd37b01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
etag
"2a94a388-0139-4601-9b56-a784566491b4"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
876
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 13:49:35 GMT
/
googleprojectzero.blogspot.com/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/?action=getTitles&widgetId=BlogArchive1&widgetType=BlogArchive&responseType=js&path=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2015
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d2c0ffc5de0b2e8a73ab6ff0f7254dd82f28d91731b865a5f3f285c1c2445de1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
etag
"2a94a388-0139-4601-9b56-a784566491b4"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1558
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 13:49:35 GMT
/
googleprojectzero.blogspot.com/ 		2 KB
689 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleprojectzero.blogspot.com/?action=getTitles&widgetId=BlogArchive1&widgetType=BlogArchive&responseType=js&path=https%3A%2F%2Fgoogleprojectzero.blogspot.com%2F2014
Requested by
Host: googleprojectzero.blogspot.com
URL: https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cf2024816eeb53936e472640c165bc639ec4cca1cc0a48797e9bf6dba4eb1859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleprojectzero.blogspot.com/2018/04/windows-exploitation-tricks-exploiting.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 10:47:12 GMT
server
GSE
etag
"2a94a388-0139-4601-9b56-a784566491b4"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
669
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 13:49:35 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange string| GoogleAnalyticsObject function| ga object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl function| BLOG_CMT_createIframe object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| google_empty_script_included function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_739348 object| cookieChoices

3 Cookies

Domain/Path Name / Value
.googleprojectzero.blogspot.com/ Name: _ga
Value: GA1.3.1110389046.1675345773
.googleprojectzero.blogspot.com/ Name: _gid
Value: GA1.3.1621044160.1675345773
.googleprojectzero.blogspot.com/ Name: _gat_blogger
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
blogger.googleusercontent.com
fonts.gstatic.com
googleprojectzero.blogspot.com
pagead2.googlesyndication.com
resources.blogblog.com
www.blogblog.com
www.blogger.com
www.google-analytics.com
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:831::200e
2a00:1450:400d:805::2009
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2001
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0643315d70132a06e5fe24ed66b581b4c0514a84323210fd867cb5b086f27301
0682ebf861b2d89e5a499ce73256f1069e531a0d5df97a905cdd6fd9827766c2
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0be22b96c9fb0154d3a4efd00097bb97c624446c4246ee389fee0e3bf4b5ffad
0c65844f40fcede4e2e4dd36edb3bcafb1ee0208efe453d1cbbfa4a794944c40
12b91cbf31131a10b1fc2aa05047c027caeac0d6e0ca5deadf418fff63d68082
14c35a48c019282eb8dedcd57046425ea1e4581176067b2964aae570d7597422
1e2abe52c476eddc180fcf05fe972e56fce03d38baf3deb46505db275cd74838
1e3869a752d8d7cfad487a6f4e2def12daa851373a9cce97dcc4a96523501dba
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
311b90faf91944f8dcad10a0e608c1050075e779cd89abfc403b68c368cbb273
336f34b820f7d38c29a284758e2755667b4a6ca2dcc6177bd39cb38815800ec5
34733e6f59010024c036b2a25e711808ef85bfcca8e1afd607ba34bfa762bfb6
35282020832822a7abaefe2a8e07e0dda06d97775400bb07c184d1034c4fee6a
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3b04130b467e99434f0fb6dfab008b6b3a45a769e415a2c279fd33211381f132
42f517b3a4cebf14bbe5a56955ccc06f82104d7d6e7430a5a4c8f104e12026a2
5739ad03a25371339cc51d7ab88b6b292ee257489a32e384446209df3ccf6df8
58674e5c92d36938959112e4ff7641994539eead28acc7dcebead7452a0a7ebd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
634a7e3648fdc9e851e62f8412ab9ce801d6acdf345e54f0eea5c63c7dcfdba0
6544fa005c9004d767ab0261e458b11ad721d0319955fc42e270be33ffd37b01
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
7ad09ac98ab03f6e7469655d303970f2927fcccdce7917418effb59b64ae2061
7ae93763c21afc380180835754fa877f700741466dec6b7a7109683ffcdf504a
7f658a22f8432dd41b3efa9e7ed0618a21a2787d3c24c4cb321223a854b3c210
87ad593af93cf9c61a525f2353d144f9e39424c2728faa357827170c2665605b
9275ae7a783c0be897456eda63150a0f96be8732282d6b3c81d7d08e72af4d67
9d7c1c980d3e8021bcec0116026bee6635e0c66e104211b7c1268727b9b7a6b3
9f7baf3444a5682eef4e2f61a3412c05fa85a3d9e2b6bc2b614d617f4a5e4e91
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2455fb3c5c967f9e9ee345deb5d0b5cce696817a6ab785c780d11971cc04bbd
aa2ed33599b45dd9ebc9e0e7436e78da3da1abc91b7bb75e9c4a151831736113
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c4dd25289b33f18cb5a2c98436e6453e66e774d01d18dae07c83f555acfbf28b
c4de0c639402f753e4ce8774bacf84a2a92dbec34534fd680c3540f635552e8a
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf2024816eeb53936e472640c165bc639ec4cca1cc0a48797e9bf6dba4eb1859
d2c0ffc5de0b2e8a73ab6ff0f7254dd82f28d91731b865a5f3f285c1c2445de1
e1c3fe321778b934c77edb93ce95bf57c8b91ef133348e1546be1725d978be1c
fadbf46a35a66cfd5d6a034520f2dc057100d46ab01a85d6ce482877f43438b1
fcfbacdadd9843c423bb4cd7e9ffffaac0b508331f7e38a5c548876b7c03ca74