urlscan.io logo urlscan.io
SecurityTrails logo

www.ired.team Open in urlscan Pro
104.18.1.81  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Effective URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Submission: On August 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 70 HTTP transactions. The main IP is 104.18.1.81, located in and belongs to CLOUDFLARENET, US. The main domain is www.ired.team.
TLS certificate: Issued by WE1 on June 24th 2024. Valid for: 3 months.
This is the only time www.ired.team was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 63 104.18.1.81 13335 (CLOUDFLAR...)
2 104.18.25.61 13335 (CLOUDFLAR...)
3 104.18.0.81 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 104.18.24.61 13335 (CLOUDFLAR...)
70 6
63    104.18.1.81 (None, )

ASN13335 (CLOUDFLARENET, US)
www.ired.team
2    104.18.25.61 (None, )

ASN13335 (CLOUDFLARENET, US)
integrations.gitbook.com
app.gitbook.com
3    104.18.0.81 (None, )

ASN13335 (CLOUDFLARENET, US)
386337598-files.gitbook.io
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    104.18.24.61 (None, )

ASN13335 (CLOUDFLARENET, US)
api.gitbook.com
Apex Domain
Subdomains		 Transfer
63 ired.team
www.ired.team
1 MB
4 gitbook.com
integrations.gitbook.com — Cisco Umbrella Rank: 319969
app.gitbook.com — Cisco Umbrella Rank: 135006
api.gitbook.com — Cisco Umbrella Rank: 126437
7 KB
3 gitbook.io
386337598-files.gitbook.io
568 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
101 KB
70 5
Domain Requested by
63 www.ired.team 2 redirects www.ired.team
3 386337598-files.gitbook.io www.ired.team
2 api.gitbook.com www.ired.team
1 app.gitbook.com www.ired.team
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com integrations.gitbook.com
1 integrations.gitbook.com www.ired.team
70 7

This site contains links to these domains. Also see Links.

Domain
www.gitbook.com
twitter.com
gist.github.com
policies.google.com
Subject Issuer Validity Valid
www.ired.team
WE1		 2024-06-24 -
2024-09-22		 3 months crt.sh
gitbook.com
WE1		 2024-07-12 -
2024-10-10		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
gitbook.io
WE1		 2024-06-09 -
2024-09-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Frame ID: 82C521573F5E90A680EC9FE1B8743CBC
Requests: 69 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Using MSBuild to Execute Shellcode in C# | Red Team Notes

Page URL History Show full URLs

  1. http://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c HTTP 307
    https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

70
Requests

97 %
HTTPS

33 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

1912 kB
Transfer

4311 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c HTTP 307
    https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-LbdvOdWap7ZLXXIH0ZJ%252FPeek%25202019-04-04%252020-57.gif%3Falt%3Dmedia%26token%3D40330c47-89cf-48ac-8b1f-99dec494b085&width=768&dpr=1&quality=100&sign=f7976f99&sv=1 HTTP 302
  • https://386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LbdtHN2SuDKgSnn9ehL%2F-LbdvOdWap7ZLXXIH0ZJ%2FPeek%202019-04-04%2020-57.gif?alt=media&token=40330c47-89cf-48ac-8b1f-99dec494b085
Request Chain 38
  • https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-LbdvOdWap7ZLXXIH0ZJ%252FPeek%25202019-04-04%252020-57.gif%3Falt%3Dmedia%26token%3D40330c47-89cf-48ac-8b1f-99dec494b085&width=768&dpr=4&quality=100&sign=f7976f99&sv=1 HTTP 302
  • https://386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LbdtHN2SuDKgSnn9ehL%2F-LbdvOdWap7ZLXXIH0ZJ%2FPeek%202019-04-04%2020-57.gif?alt=media&token=40330c47-89cf-48ac-8b1f-99dec494b085

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request using-msbuild-to-execute-shellcode-in-c
www.ired.team/offensive-security/code-execution/
Redirect Chain
  • http://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
  • https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
548 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3423f91835ed4a89b6e047010d3812ac2a94eb8c899502af715313d11a881aea
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'nonce-ZDllMDg4OTQtMmQ0MS00YTRkLWIzOTktMDhmZDU0ZWEyZWVk' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=86340, stale-if-error=0
cache-tag
release-10.9.822,site_gkbDu,site:site_gkbDu
cf-cache-status
DYNAMIC
cf-placement
local-FRA
cf-ray
8ac8128ece5d5c6e-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'nonce-ZDllMDg4OTQtMmQ0MS00YTRkLWIzOTktMDhmZDU0ZWEyZWVk' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
content-type
text/html; charset=utf-8
date
Thu, 01 Aug 2024 19:00:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LGyAvDYClV%2BwDefCb4kpdEoxrtSc1jPe5ZKdLEs6iFFSWpSlPHrYGtxEoxZ4hnO2xCcUyWKBNwEBr%2FoGIcMJgho5B6%2FsELKi1fpzAUqNqmj8MtPNbARIwfQEDVSecAQZydUWoGX%2BcsgfZQmt7tFA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-content-type-options
nosniff
x-edge-runtime
1
x-gitbook-cache
miss
x-gitbook-cache-tag
release-10.9.822,site_gkbDu,site:site_gkbDu
x-gitbook-version
d7ec2b5
x-matched-path
/[[...pathname]]

Redirect headers

Location
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Non-Authoritative-Reason
HttpsUpgrades
image
www.ired.team/~gitbook/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia&width=32&dpr=1&quality=100&sign=30f7a879&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da8a159a110fd85f6169ed8e00deb31746090de2ee75829eb52e0669eb5b2833
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
age
22095
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
content-length
2882
cf-placement
local-FRA
cf-resized
internal=ok/h q=0 n=49+2 c=0+1 v=2024.7.0 l=2882
last-modified
Fri, 11 Mar 2022 05:32:10 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
x-matched-path
/~gitbook/image
etag
"cfoXKDdJgtkMwd988FhqEmHA5t1Aktvf7HnOXifZxSDQ:2965c5f978755802debc0291c5574853"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rF6Sa%2BD7gCXAOzx92jP1XOYAiNbr9LGXSiAGUr4vLFnxogeW0d1HYoHbIMoXLKsvrdhuz1NzgBg5l%2FESkoUAkgik9OE5urs4kZVIK5dez%2B%2FE%2B5991%2BO7cW5CEilm6Oz6R3WcJeawk7JkGLkOzmsq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ac812964f095c6e-FRA
priority
u=5;i,cf-chb=(177;u=5;i=?0)
ed75bc153c499642.css
www.ired.team/_next/static/css/ 		88 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/css/ed75bc153c499642.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c6ca28e3f7427eec2d1a09311b77d9c05d0ccb662f90bc6b1f0f5ed83e0045a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45986
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"22b5896a05610bf2a9639a2f50d6741c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNJZH3a8qVh%2BKX%2FCbqjXXYIJ6SHhc4%2B05el6H2xWhZWah37230fUcUxe6ZP1fr1WYMMeSB84CZFeJax8qymwYZy7fZk9nXpuusRcQMhP1BuJTHqrWK80B32yN4rZY%2FF1y60isymXUeyBLcOlA6Qo"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f0b5c6e-FRA
b9d4de855d30ec1d.css
www.ired.team/_next/static/css/ 		113 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/css/b9d4de855d30ec1d.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4383f3ca7a4887be8d1ca7a83786d16bdf0dae69713d768487701525dba1f8fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885332
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"97ba35e7397d407a38767a641d9e033b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7JKIcO1uE4GUxuxr407tPpCuU20gN8163gILZBfekxtIcnLEk6Rr%2BPUmDOSEoXpGQAaPtWvhxkWezxPA29HGGgR5YDSQVw1QrZLFu06RXE%2F3m7jPixuBIJoe2gC%2BWFxEtIisN0XJCRX81jmytSa"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f0d5c6e-FRA
9788c0e64943a60e.css
www.ired.team/_next/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/css/9788c0e64943a60e.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd9b31a8aa192ee4e9a4fb9a3533db3690e23ed3116ac24223c890fb4995d52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885332
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e15abe3b82b8285377554956d408b342"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4OyQbb5TJVuIipbJsqi3KgEllmUgH68%2B80htW4%2FF%2FEuAOZyclI3KIt4vcwtXK3lKGhb0e6xMV9UIugcMqPW%2BmXJ%2BelNrb6a9Rq4PRt8qMB%2Fa9qI22%2Bvcpqs%2Bh1VLZlhucaK9cipZVPGBOyctSX%2Ft"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f0e5c6e-FRA
7a9c2d78b5e93503.css
www.ired.team/_next/static/css/ 		103 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/css/7a9c2d78b5e93503.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6876de2c0705adab60d8623fcabb16b146f4dffdae739226f0bcc51e1ba5109
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642680
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"dace39e2a94aeb67298ebf772b03b7ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5t2JP1WmKmyb3PMsxHn4r%2BKua88A7eZ6yBVdSsoOoCeQPPJgs%2FsS3xnwi%2FVNvCvqNdXK9n6gx97BhsFf3bRv7DNE0dFCkWlJQnC8k5F9Qv8ySxzrOv5YkMfvAPzDt6x2F%2FRRpcf8MSiii6qXoNP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f105c6e-FRA
3fe48cabb38955f2.css
www.ired.team/_next/static/css/ 		108 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/css/3fe48cabb38955f2.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9854f2635a5be987cec46e99edd00b155801124ff89362e18c95e2b28f25f030
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642680
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"5eea292c637973812528eaee21cd87c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pWaFv5DspZMxYyBnS0CucIyGOsGYMzkO3vEMDzktvycrDcSFl9auKKRt7jCnYXtaHFtnZMKPI6qKNNQNvkw%2BetXk6xPvHZLTNXdwcdomY3OPdLOBcCdrGH0IEvUBQ9YwtuhPrbP%2BtX54NBK8Gs6M"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f115c6e-FRA
webpack-b68d8b1074df2abd.js
www.ired.team/_next/static/chunks/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/webpack-b68d8b1074df2abd.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7169f589657644aecacdc6fbefcac6368d84eb538e9eed72caad26f06140d4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45986
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"769c7fb2972e3d3e6a88c91e35ca96d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7wbSiEn2NcvyyuiiJu57mj%2BfRfiS1VvRmU9phZFeCU5qWfYSkZ2etOzgqFfRKgdeXwJ2WS6mTwHKrTtIlIJ9ktDZaKygbCiVYG%2FIEh3b9cA8Fac2TVf7Q6cgjsruIUr8FOqcZyoJ6NKczTooict"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f145c6e-FRA
1dd3208c-be983e9332503385.js
www.ired.team/_next/static/chunks/ 		168 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/1dd3208c-be983e9332503385.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18bbaf771380dee334f57f8f10f5e5742aa38eead5a05616fdfc6fb6bcdacc94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
462858
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"0bc764cad08d8889e100ccf23b10d393"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alfHvEuV1SjQMVvmwyZrI4DBUMkmsm2hL8lpB2Ee1PAgIm6bXd%2BfZDdi2cGZMt8omsd7fMUl%2FvAgR138yOXU7yU%2BncIvGo29KE6B4lBGRZ7l9aRfoatwIFbWHvxLxk2Dz6bt9GeNDpmLkbKJ1hKX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f175c6e-FRA
9297-f3eccea4ea14abf3.js
www.ired.team/_next/static/chunks/ 		162 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d86216f11387785c097b321e492fda46668e30a3e14f3ecdf8152a4e713b4b5e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885332
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2f272cd38b5549a01bdfecd9e9752638"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHtq4qOrM5qpnO%2FZ8yPc95T2VFg2TaXIIvAmXuqr8GZtI%2FDiYMDj1k%2BYOFgNsYEuzZN2eiFTDrHP4avKt1nsLjq4QSas6RFCfTIStX4faCArysY4okgah1W0oyYg87jbzbicg9mCJz6H1Ckv0JUc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f185c6e-FRA
main-app-8acc5534d63d9b66.js
www.ired.team/_next/static/chunks/ 		979 B
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/main-app-8acc5534d63d9b66.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b83621d3dfae776dda1c82033ba0db6a6fe48c273c46d66ff11e21e2c9d7516
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45986
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ccca03aa6e22195ced4633f2e650b800"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2BMO4g%2FvegQVksKho5FT7NzPzGAirjJklWWDD6wVO74vDcAJDA51Q%2B5sxlj5eGJuZW8th2bwX8JrufcjGSvlWQdioMiZ7O%2BURjQa7nqyDOt8UjGwdRGCDCZwNhgxICCYKzpShVIUfE%2FliGLTtIbU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f1c5c6e-FRA
global-error-fb32fca0ade143dc.js
www.ired.team/_next/static/chunks/app/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/app/global-error-fb32fca0ade143dc.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5347ee59ae08cf34c7c71a064b788c03d9ec9e6e2c8be07a63f904156f68712f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885332
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a56db3d7fc50fcdaf413f55d682739f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1WymejC5Cs9vdBeCRcDIK8FmY19Zw%2FXryuxufEL2mWDmyWrintI7pfyC9sYuJuzZwjDopJqKxqoLCNIYRf3%2FUbXzGPcKdIDrfI7tH6zqwD4gdR1yJ9vDKBkI%2FbABo5Jf9t9UGfqvJE40YYCCLgH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f1e5c6e-FRA
b5d5b83b-50e242a0019abc1b.js
www.ired.team/_next/static/chunks/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/b5d5b83b-50e242a0019abc1b.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d6b8eab4e14b589c126c9b2131d39ebcc5e59f6729cb8700fd692c56a029e12
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885332
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"247ec431a7de14aec2994348c8401efd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBi5D0yq%2Fds9iNqSDJxyLsxNbz1EcwLfgsDCl2wbOrkQ%2F25BY%2BVAQw6bWWB79hnIa6atom3nyuRIi4AK3Dfobuibtl0zEpcU4o6VOi4pYDr1ROJI82npctaqf22PIE3SA2BudLY3uL1mQmw9FxYS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f1f5c6e-FRA
8041-39d7cacda46bd1fd.js
www.ired.team/_next/static/chunks/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/8041-39d7cacda46bd1fd.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a98f235a4474bd00250e4d2c827496432d6e848fb722f62b3f6a31fa504f5a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642680
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"75576155b8143953657718bb87569f07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnJuoZWAI%2Bibz%2FsGf6DJgVeGHNcJPrmUAt%2BJcnrC1HfCx%2BmCSLgLoAVLHjroEup0PENaJKkL6NLBPIiGNqGzHe0H7mILwnRILUHGEDpc8MfCgXktv%2B00U7g%2FfPwbDHmhx%2Fqhjt%2F9ZLzozgcv945L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f235c6e-FRA
9658-f6b5423552e90c65.js
www.ired.team/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/9658-f6b5423552e90c65.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23378b7c548130c2781eb7fe837aaf87771057f4b07f1bcac213af2c2a0c2632
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885332
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"d1f7fbf4109716de92fbcaaab8bba837"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4g3Acb%2FOLdaFYM6kBwlfxrTT6JkZHhw8G6u%2BpmrsrBinwsoBfopyY8h5kmHTHJC5oDAhsn2Ib7h%2FqYP1e6JZvW8KdyFh9GXZD2J5h7XgsH6WXFuoGRGj8UXMrfXsPhC5PnVB213He134SLfa8Bq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f255c6e-FRA
layout-7ef2e40297ace04e.js
www.ired.team/_next/static/chunks/app/(space)/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/app/(space)/layout-7ef2e40297ace04e.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
815b4cc512e59e2aaeb6f509d075cca7eec4926e56ac02925059f72c9a7b2c31
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45986
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a7ed44cd22a746c7af0957d578656cc5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TgfkdHmbUA7Wg5J8QrgAAfJTqsjUzSRqEOt%2FjfbR3yu%2BF%2FDmmHuVSIrDFE13faQ8XdXPSSAiUC8m6zDKBjBvBVpL0kZh3VrTWBNJtEb1BNICzlHc27lyxdfWAMXuExlBUX0M5ICoc9MOIeXOsEC7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f275c6e-FRA
error-0586e6623f4790f0.js
www.ired.team/_next/static/chunks/app/(space)/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/app/(space)/error-0586e6623f4790f0.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ac2f080bbb40f863c4131684fff62a14a94ec4fc5f8befeab9fb75d271102e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642680
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7ecfb9a4f26c4bd690bac3cbe18a3a98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wuTQnR6A5C1kJv8LPN2qrFMBnqex2aaM47cVaNqaWHiZhb5GX34ETYoATeWhoBfUgdvDJLJNrorjnnhIDxQFEKPIsIvum9CVgSqfXwdmN5vsfSGfT96I1FQLd8Q3892JlScqaFmjrpOJDWZqkg6q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f285c6e-FRA
339-d1fe13e12cfd6d9a.js
www.ired.team/_next/static/chunks/ 		300 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/339-d1fe13e12cfd6d9a.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9994c8681d06be53cdcd4d762e6ee3cc5186230b92526d08d08d1308961becc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642680
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"066d8a35d7ad3c11208ec6cca501f12f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P39DHeJg5gTK5zgjoBLHymXOpqs5AAQI%2BIa14yO2t9anxbe9oJ%2BvKHBLu8U%2Bxtgadtg7tsYOQQCifwDZ0kXkEsDk21KdMeUjlilk%2B0oVAybwjbuK0MGl%2BzYw3GXsUnlXIgFLZTIDwzE51I0h%2FkRf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f295c6e-FRA
5810-30abd17002efe9e2.js
www.ired.team/_next/static/chunks/ 		139 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/5810-30abd17002efe9e2.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc85beb0bcf60b05d3ab44f8de402b014c7af9430f49db17eaaf959f3476d5a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885332
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"fad6a2d798bf3cc16b520b72a82fe8f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZepAPFIs4hUxWfkpZQ%2FTo%2F6inpEbY58QVfPty%2BUXT0%2FBrR2Kl2r3vDC27PfOV5svrrdyL8%2BSnsRESs412KTAqNU3%2FQUf7L8zVdZTmSR7VNTVJvabk4pzuD2P6CFKOZBtiRP4Vwx9jBdNEUIxgDju"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f2b5c6e-FRA
8390-95889667ae2a0528.js
www.ired.team/_next/static/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/8390-95889667ae2a0528.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6714e670578b87c0dd665674661c66c0b7cabe4331da23ec1bd5d992bc38ac00
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
624726
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3a6762c81927b51d53c55c4b84638d8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHH6j5OrSsfOEUSIAhgp42%2FJEhZ0xfrWmo1HT4W9mkHGeOqP4wi9p8CDV8jHLp7XPrrVGJfql3oA36S%2FNzkjeQpYvLgCBz6%2FlW21Id3NEvAHSt8vwU3zkDeaBA9EJpXcgpA5Hiz0VbIWJ9raWOce"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f2c5c6e-FRA
132-510ddc716fcc679e.js
www.ired.team/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/132-510ddc716fcc679e.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00ab55e6a2788467e93c9b821d05d91120fe88cf33ffa9609d0ce5a385c8d844
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885332
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"33b1b158c390723f6a532aa6adc10d3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8poz4MMosR96iiVdM4CET7dxpuD7ckm3Vvi6twugkSqB%2BFXDkL82DOzbIuspIS3n40htkkEs57JJ6U7Bvk5ZHu2Qax7r%2F91JtewsRRMK1LOOHGtMa2Fuv%2Fx%2FAjF89hT5lJD%2B6qW1mW25e8UTRkq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f2f5c6e-FRA
layout-59931ad6b9362f39.js
www.ired.team/_next/static/chunks/app/(space)/(content)/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/app/(space)/(content)/layout-59931ad6b9362f39.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53ea9f6375a845061b9dd17c0c993669097dc44b7b932c4f5df949f9009980bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46430
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e78011e581c3512fb004884335c21513"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oWlrw8ceHMWTJb1PbSVMcIJTR%2Fas8IExCHv3Mqvh4lzxtH50iCw0yJWjvQfhEOoUsIKvAHqQYiznnpEoTarVT6mFHe8lmb6MfQ4OrgyuyUhlnsz5zVC4UZaDDaX3U%2FTdu4taDoEgxN2h7fNeW%2Fa1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f305c6e-FRA
loading-dce89470a41df777.js
www.ired.team/_next/static/chunks/app/(space)/(content)/%5B%5B...pathname%5D%5D/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/app/(space)/(content)/%5B%5B...pathname%5D%5D/loading-dce89470a41df777.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e942a40ecb51b28f18a197ad6cad72b75ed228eca2f37b3acd9320738b176b9c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
641234
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"569e9a28a7208f87d9bf4b0129151a1e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qgG5JB1ODpyZSAFuBhbHk2fHW5uI1kG0RQ9wL1tKKPDUNDi3oZ7lFWMPAjz97vEaTZ2cP%2B%2BziX3llNlcTN9fSd95oZxU8FxyMNflF9bXyBacHjHuKjyrpkSzItyWNrL1rU%2Fk%2FR5DASW%2Bo1ujBo5Z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f315c6e-FRA
script.js
integrations.gitbook.com/v1/integrations/googleanalytics/installations/91ab123619a8c25b8ddcb773e172ebd6fb8b9cbb4d90be791ae93d971c59503c/sites/site_gkbDu/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://integrations.gitbook.com/v1/integrations/googleanalytics/installations/91ab123619a8c25b8ddcb773e172ebd6fb8b9cbb4d90be791ae93d971c59503c/sites/site_gkbDu/script.js?version=145.0
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8492b879d895b5d8d66b754a5c5f4c9bab5597fcc6ad653bdcb5288450261545

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
via
magic cache
cf-cache-status
HIT
age
109222
x-magic-hash
b146fd114dc79d7e52cab62fe7301eb269e72b07b6dd831d828b333e8b45e0fc
x-cache
HIT
x-release
gitbook-x-prod-10.9.822-20737e897462910039b4752c0d2494f08d42a928-10179991071
alt-svc
h3=":443"; ma=86400
content-length
1017
server
cloudflare
etag
W/"92f-zg1A2DfeAF08JEhDmYcxq3GinuM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
34ed35f7824179b58df25e24e7b81d09
cache-control
max-age=604800
access-control-allow-credentials
true
function-execution-id
pcwaoaxt2pqn
accept-ranges
bytes
cf-ray
8ac81296aed39b1f-FRA
7235-f53aca4aaa75d87a.js
www.ired.team/_next/static/chunks/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/7235-f53aca4aaa75d87a.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28161812df9c51064f930b9854306b025000df8441cfb838e1a03ff4d7bad723
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
641234
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"b3fd792c769001de6eacf772831045e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ht71d8cj%2FtOA5yhGxs8cpGVsAv2PJC2A5IH4u%2FzhIuU9M%2BDuRDpOkMwbnrJwI9GV3co9d6NdUTWYAzP1uuDoVpwFn7pfqb%2Blch2WDIaomLw4ArRo6RYxfsA8vTMcq9kQfHnBaKCRGXBvx9NCezw%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f355c6e-FRA
3692-21fb69fe908f900d.js
www.ired.team/_next/static/chunks/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/3692-21fb69fe908f900d.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c43850c3e88539e35c8211e66da4eed93fddb5286cda9ef1ea6448aeefb8f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
641234
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"6268a4c1a75622ebc04ed562b536fbe0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fONCWwKj%2BXnxJ8yulKg%2FXQGUXTebz2puU9i5EBC4j%2B8yXFv0QDW9EKiB9TiIKFyi0ftortZ%2FNOft%2FGHV4DgeahzO6tiiDd7LRGnbNOtNjv6HcNpz3YYmYUcT0auW%2FG4rArrirCDFciwHfu0Kgy%2FV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f365c6e-FRA
2304-758810516004d068.js
www.ired.team/_next/static/chunks/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/2304-758810516004d068.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e60c9ae11c0f6c6014661d611473551f727b5df4edd8e520a50845a7a54e3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
547925
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"51b8e07a02b1b962395ff552326be3a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pqXNTYBF4VZgu3PpvWmm0FmR8rzjqxW1Fppf9iqdY7wf9WEvu8LX%2F7j1Ieopz5ex6ennFzz00xlecK9z86ivgT6LwTBo8csC9vk%2BZ6PNd56aFRs8il1Al8y0nwFNIcsA9ChHR38t6o18XukLWoVg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f375c6e-FRA
64-3b527308c4d47fe5.js
www.ired.team/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/64-3b527308c4d47fe5.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56bfca12641be0d54db65dc82d1c005bcd52008c3a3c39ac484961826ec18d42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642680
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"dc5b4790785e5fabc660466b069d4fd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ezzB9kyvD4qSKJmkdSpNlTP0zUPrMAPGDDXAWA3FGyJwmbzsMNf3pb%2F5S7b%2FPR8OgYkbdFY5MkTRG2fsGiefnPVmzQMJLGuWxbMS%2Bi8z2JXqWGZLmTGNNOvm2dT9tAmDbmTHOKoZTtX3v0W4gU6c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f395c6e-FRA
page-c7428df66868c6ff.js
www.ired.team/_next/static/chunks/app/(space)/(content)/%5B%5B...pathname%5D%5D/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/chunks/app/(space)/(content)/%5B%5B...pathname%5D%5D/page-c7428df66868c6ff.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab92b2943ccf9319b7c46f76a542eebb8578a621160f1e23732ae918b427bf4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
547925
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"92b69b602c81973063bb7c7ed4ea50c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsVK9hMLTUp%2FW2t1m8Q6Z7YqRug%2BN1SGFBglbnSMfpFsOP7ypZiGhDwMfIvEVaZitmbY4MIyWWV%2FpjWMASfvaCZVKFEm4Dwd7wf6aSot2g5zCiWtkt0HDkiC85xobOGQ6aLDH%2BrvY3IAiS%2F07m8M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8ac812964f3b5c6e-FRA
image
www.ired.team/~gitbook/ 		504 KB
505 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-LbduVJDrfRCCGKEcWuV%252FScreenshot%2520from%25202019-04-04%252020-53-21.png%3Falt%3Dmedia%26token%3D10c925be-fc41-4233-a2b9-697968046f86&width=768&dpr=1&quality=100&sign=47255409&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
984a458087a34d4f3230007a2c1020b32700fe54f1d344281513339ba12dd8b8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-gitbook-cache
miss
alt-svc
h3=":443"; ma=86400
content-length
516058
cf-placement
local-FRA
cf-resized
internal=ok/h q=0 n=53+336 c=0+0 v=2024.6.0 l=516058
last-modified
Fri, 11 Mar 2022 14:22:56 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
x-matched-path
/~gitbook/image
etag
"cflX8cb7M-2PAKHVqIVQhDI5zVK-ChRTP4It8jXA90DQ:b77c81ed17edcfeba5c0c41d95c7248c"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ghbjYpafeTbrVrzZl53w2KPnA%2FU%2BHdc87rDDYnnP0sS6AFCYsuE8Rqka5f97QSo5DtnvUKjcpjDjEJJpi0AsWKefvRRPXzoMnNOMsyvHL5keT8a3ZAFfjn42UCAlQzL4vPNTvPfYcQM%2BsEyrIIuH"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ac8129708005c6e-FRA
image
www.ired.team/~gitbook/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-LbdufQ1oTcTIYAkZKAv%252FScreenshot%2520from%25202019-04-04%252020-54-14.png%3Falt%3Dmedia%26token%3D85fe682f-c893-41e8-b86f-1fce2e54fe31&width=768&dpr=1&quality=100&sign=fce3ace7&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21282cb8ab54747b427db0c930a8e23318504394a2a004bd5bcf46af1523b66f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
age
100949
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
content-length
50707
cf-placement
local-FRA
cf-resized
internal=ok/h q=0 n=72+269 c=0+0 v=2024.6.0 l=50707
last-modified
Fri, 11 Mar 2022 14:20:18 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
x-matched-path
/~gitbook/image
etag
"cfy01W-G3j5rdPdOIsDD8JohkcK-ChRTP4It8jXA90DQ:eb7390136845a59fe08ce6db2bce7158"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qWMZhlcmvBJ5HcyuGg2sVXKnUjRxVwWaLclw%2BRI9ZYgh7OxJ%2B75HJ8yXeoOOL4OjnKcXugJ7rdPctekxEvj0bfHz4SAShLBkH5GvlXvyY%2B94Ii0fM%2FMZQmcMP00fjmXGoKASWL2zjZhjyzi4hAGK"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ac8129708035c6e-FRA
assets%2F-LFEMnER3fywgFHoroYn%2F-LbdtHN2SuDKgSnn9ehL%2F-LbdvOdWap7ZLXXIH0ZJ%2FPeek%202019-04-04%2020-57.gif
386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/
Redirect Chain
  • https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-L...
  • https://386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LbdtHN2SuDKgSnn9ehL%2F-LbdvOdWap7ZLXXIH0ZJ%2FPeek%202019-04-04%2020-57.gif?alt=media&token=40...
553 KB
554 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LbdtHN2SuDKgSnn9ehL%2F-LbdvOdWap7ZLXXIH0ZJ%2FPeek%202019-04-04%2020-57.gif?alt=media&token=40330c47-89cf-48ac-8b1f-99dec494b085
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Server
104.18.0.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
dbd5656c1c9e123989fe36f2661bfb438d34ffb188bf2fa482b1fd675d13ce9b
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.822;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.822;
age
437172
x-guploader-uploadid
AHxI1nN_jPnS2J6M39W2QE9o3iCOPMDSVGA5x0uszCvByjazJkdygI5VKxBTboFOYU7XtOoZHrs
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''Peek%202019-04-04%2020-57.gif
x-goog-meta-height
1364
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
etag
"d69a56bb0a0b092cbbb264c87456be4c"
vary
Accept-Encoding
x-goog-generation
1647008269811744
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-meta-firebasestoragedownloadtokens
40330c47-89cf-48ac-8b1f-99dec494b085
expires
Sun, 27 Jul 2025 17:34:31 GMT
date
Thu, 01 Aug 2024 19:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=584067, status=cannot_optimize
x-powered-by
GitBook
x-goog-storage-class
STANDARD
x-goog-metageneration
2535
x-goog-meta-x-goog-reserved-source-generation
1554412770492384
alt-svc
h3=":443"; ma=86400
content-length
566502
last-modified
Fri, 11 Mar 2022 14:17:49 GMT
server
cloudflare
x-goog-hash
crc32c=Xlu2Iw==, md5=1ppWuwoLCSy7smTIdFa+TA==
x-goog-meta-width
2507
x-goog-stored-content-length
584067
accept-ranges
bytes
cf-ray
8ac8129bdd3f2c25-FRA

Redirect headers

date
Thu, 01 Aug 2024 19:00:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/~gitbook/image
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L3kUQfahoVgtNrLc%2F5Al3pxE3%2FakCqyENOb9w6tze1N40SGsYnnrvR%2B3N0cANY83%2FpGI1ln1Q%2FNg426Rei%2FgtTsISHxYx%2BR6tHprTRqnZYVIRpLdKtEFaUn4Vk2N9g2XNQiop7wbLeXpBorCMC1g"}],"group":"cf-nel","max_age":604800}
location
https://386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LbdtHN2SuDKgSnn9ehL%2F-LbdvOdWap7ZLXXIH0ZJ%2FPeek%202019-04-04%2020-57.gif?alt=media&token=40330c47-89cf-48ac-8b1f-99dec494b085
x-gitbook-cache
skip
cf-ray
8ac8129738375c6e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
cf-placement
local-FRA
js
www.googletagmanager.com/gtag/ 		302 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M18PXXHRCQ
Requested by
Host: integrations.gitbook.com
URL: https://integrations.gitbook.com/v1/integrations/googleanalytics/installations/91ab123619a8c25b8ddcb773e172ebd6fb8b9cbb4d90be791ae93d971c59503c/sites/site_gkbDu/script.js?version=145.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7c716d0e2dc7da7ccf1e893b980b3bb49ac3e7d80acaf91f4469c7d118263d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102919
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Aug 2024 19:00:43 GMT
6ebb97b5c9fa4e03-s.woff2
www.ired.team/_next/static/media/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/media/6ebb97b5c9fa4e03-s.woff2
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/css/ed75bc153c499642.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/_next/static/css/ed75bc153c499642.css
Origin
https://www.ired.team
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45987
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
content-length
13408
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"ee7b9b9c47166e05c79c8cbafadecf85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OUIuC5IHiuq0uGV3uV103n1fxJA6N8bAQ261glhFTZ0FC4MhPNykmtk3qUvaXXrPf4EWQ4RdPaQrMhS%2BcrBIFLW%2FQMpxAwQl0AVCAuG3TB7oppdfO%2F%2BEHBpnRsupm5ZjCm%2Bhe4yKdjFz2bbQRCUL"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8ac81298fa095c6e-FRA
120a5a1920781bd0-s.woff2
www.ired.team/_next/static/media/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/media/120a5a1920781bd0-s.woff2
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/css/ed75bc153c499642.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/_next/static/css/ed75bc153c499642.css
Origin
https://www.ired.team
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45987
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
content-length
13388
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"afa13337fcac5295198bac158ca5d0bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uagURIgh9JP%2BGSJgaLlayKB7pOqFYyyUFuqAO1Au0uC%2BRanvNGo05Bt9p18mkEudWlzUf4pvRJCtAZnP7xkn1xB773LbKT4ZSB4ZmiNi4go4NqyMpLeCT4QudZFJsHUteT3Hc%2B6j0gEjNkwffqbT"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8ac81298fa0b5c6e-FRA
3478b6abef19b3b3-s.woff2
www.ired.team/_next/static/media/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/_next/static/media/3478b6abef19b3b3-s.woff2
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/css/ed75bc153c499642.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64bc2a00d28ef824b977ed1c523138d821eaa4576447153e02de70aacb071147
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/_next/static/css/ed75bc153c499642.css
Origin
https://www.ired.team
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885333
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
content-length
10088
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"4f52c61f8f0cad0e31eb3b44c3bf3d4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FfQDYR%2FHiHsw8XPvklz0Y3UCdx12Hvw0aDFgLpljBKruC3spDofyBOy3HyVlTss9RZbfVWVVhI%2Bp5647aNjauEThrqEzRyuZ3d8mSg7eEcL3j0u1jO8VJZlZ6h%2FImR8DtIYCMwA1yZW0SKXMyiy"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8ac81298fa0c5c6e-FRA
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M18PXXHRCQ&gtm=45je47v0v896754288za200&_p=1722538842896&gcs=G111&gcd=13t3tPl2l5&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=2039688048.1722538843&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722538843&sct=1&seg=0&dl=https%3A%2F%2Fwww.ired.team%2Foffensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c&dt=Using%20MSBuild%20to%20Execute%20Shellcode%20in%20C%23%20%7C%20Red%20Team%20Notes&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1993
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M18PXXHRCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 19:00:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ired.team
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
image
www.ired.team/~gitbook/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-LbduVJDrfRCCGKEcWuV%252FScreenshot%2520from%25202019-04-04%252020-53-21.png%3Falt%3Dmedia%26token%3D10c925be-fc41-4233-a2b9-697968046f86&width=768&dpr=4&quality=100&sign=47255409&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/1dd3208c-be983e9332503385.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a4d9d5c22f6031142b0d40ea1a9d81196266c37c292a33b08bdd7f86ac1cfe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
age
100950
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
content-length
108002
cf-placement
local-FRA
cf-resized
internal=ram/h q=0 n=0+439 c=0+0 v=2024.6.0 l=108002
last-modified
Fri, 11 Mar 2022 14:22:56 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
x-matched-path
/~gitbook/image
etag
"cflX8cb7M-2PAKHVqIVQhDI5zVdVzuGkxbo9totcBpDQ:b77c81ed17edcfeba5c0c41d95c7248c"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqqeOw5lF77xOOJb3txo%2FLYSo7bVktNLDi2rMeP8oUip9m6kA9ot4kQ%2BSL%2FhZJ51nrCqP%2Bi4EydxRvTLysZrqXl0oeaSWnGCCRWREIOlQVNJv3t7NJemwkd8Xbhr4sTyYToM3mHlAsXlik%2ByIevx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
warning
cf-images 299 "dpr > 3 should never be used", cf-images 299 "original is 554368B smaller"
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ac8129aec005c6e-FRA
priority
u=4;i=?0,cf-chb=(45;u=5;i)
image
www.ired.team/~gitbook/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-LbdufQ1oTcTIYAkZKAv%252FScreenshot%2520from%25202019-04-04%252020-54-14.png%3Falt%3Dmedia%26token%3D85fe682f-c893-41e8-b86f-1fce2e54fe31&width=768&dpr=4&quality=100&sign=fce3ace7&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/1dd3208c-be983e9332503385.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da64a322d35b59755d0c9c44fa80d6c4a5cf5e3cb358aab97d0a07e2f810ee1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
age
282664
x-gitbook-cache
hit
alt-svc
h3=":443"; ma=86400
content-length
29445
cf-placement
local-FRA
cf-resized
internal=ok/m q=0 n=251+154 c=0+0 v=2024.6.0 l=29445
last-modified
Fri, 11 Mar 2022 14:20:18 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
x-matched-path
/~gitbook/image
etag
"cfm67Cl_04j6rgrHQOKe36VbUQdVzuGkxbo9totcBpDQ:eb7390136845a59fe08ce6db2bce7158"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=liIeKlgqAizTxEX0r%2BRq8OhCc9S7ezv4pjC1Hd1Dwbr2Y%2BtgFBU2eKW4cu3cdk9Cg9meUf05734hs4rnNpzWVrNRrHn1W8FA%2F2rAVkUu9QKZ6CbMdQmIHxvIlfrYi0hc%2BVi%2B9RV7Bcpz0eAzJK%2B5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
warning
cf-images 299 "dpr > 3 should never be used", cf-images 299 "original is 40373B smaller"
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ac8129b0c155c6e-FRA
priority
u=4;i=?0,cf-chb=(98;u=5;i=?0)
assets%2F-LFEMnER3fywgFHoroYn%2F-LbdtHN2SuDKgSnn9ehL%2F-LbdvOdWap7ZLXXIH0ZJ%2FPeek%202019-04-04%2020-57.gif
386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/
Redirect Chain
  • https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-L...
  • https://386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LbdtHN2SuDKgSnn9ehL%2F-LbdvOdWap7ZLXXIH0ZJ%2FPeek%202019-04-04%2020-57.gif?alt=media&token=40...
553 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LbdtHN2SuDKgSnn9ehL%2F-LbdvOdWap7ZLXXIH0ZJ%2FPeek%202019-04-04%2020-57.gif?alt=media&token=40330c47-89cf-48ac-8b1f-99dec494b085
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Protocol
H3
Server
104.18.0.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
dbd5656c1c9e123989fe36f2661bfb438d34ffb188bf2fa482b1fd675d13ce9b
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.822;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.822;
age
437172
x-guploader-uploadid
AHxI1nN_jPnS2J6M39W2QE9o3iCOPMDSVGA5x0uszCvByjazJkdygI5VKxBTboFOYU7XtOoZHrs
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''Peek%202019-04-04%2020-57.gif
x-goog-meta-height
1364
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
etag
"d69a56bb0a0b092cbbb264c87456be4c"
vary
Accept-Encoding
x-goog-generation
1647008269811744
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-meta-firebasestoragedownloadtokens
40330c47-89cf-48ac-8b1f-99dec494b085
expires
Sun, 27 Jul 2025 17:34:31 GMT
date
Thu, 01 Aug 2024 19:00:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=584067, status=cannot_optimize
x-powered-by
GitBook
x-goog-storage-class
STANDARD
x-goog-metageneration
2535
x-goog-meta-x-goog-reserved-source-generation
1554412770492384
alt-svc
h3=":443"; ma=86400
content-length
566502
last-modified
Fri, 11 Mar 2022 14:17:49 GMT
server
cloudflare
x-goog-hash
crc32c=Xlu2Iw==, md5=1ppWuwoLCSy7smTIdFa+TA==
x-goog-meta-width
2507
x-goog-stored-content-length
584067
accept-ranges
bytes
cf-ray
8ac8129bdd3f2c25-FRA

Redirect headers

date
Thu, 01 Aug 2024 19:00:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/~gitbook/image
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2waiibmu9bkXCbWC4uX88OyNFx2GE4MZBcewcxUSdSm9cEOMAN1SrT9Lk0A8LslKiOOcc8Jph%2BlGOa3xSAG4oK1P2Nrs3DCUBXB5Se%2BiFOtWZnv0Wsyc25UkNppdTwo0j8Xfn7IVxxx5PcdWG3DV"}],"group":"cf-nel","max_age":604800}
location
https://386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LbdtHN2SuDKgSnn9ehL%2F-LbdvOdWap7ZLXXIH0ZJ%2FPeek%202019-04-04%2020-57.gif?alt=media&token=40330c47-89cf-48ac-8b1f-99dec494b085
x-gitbook-cache
skip
cf-ray
8ac8129b0c185c6e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
cf-placement
local-FRA
__session
app.gitbook.com/ 		52 B
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.gitbook.com/__session?proposed=33bea9e6-ed2f-48f1-86a5-bda03b9ba315R
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/app/(space)/(content)/layout-59931ad6b9362f39.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
152b7c0f265d09605a52346daa1ed26817bc9bada54d497cb51ed90b7e8edd75
Security Headers
Name Value
Content-Security-Policy default-src 'self' app.gitbook.com api.gitbook.com integrations.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com track-eu.customer.io track.customer.io customerioforms.com eu.customerioforms.com *.api.gist.build *.cloud.gist.build api.getripe.com us.api.getripe.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' integrations.gitbook.com app.gitbook.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://*.algolia.net https://*.algolianet.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.amplitude.com https://static.cloudflareinsights.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://assets.customer.io https://code.gist.build https://customerioforms.com https://eu.customerioforms.com https://*.adroll.com http://*.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net storage.getripe.com us.storage.getripe.com *.opentok.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net code.gist.build; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/ track-eu.customer.io track.customer.io https://*.adroll.com http://*.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net images.getripe.com storage.googleapis.com us.images.getripe.com us.storage.googleapis.com; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net assets.getripe.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network https://beacon-v2.helpscout.net renderer.gist.build code.gist.build; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net *.mux.com blob:; frame-ancestors app.gitbook.com; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.822;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
via
no cache
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-magic-hash
b146fd114dc79d7e52cab62fe7301eb269e72b07b6dd831d828b333e8b45e0fc
x-powered-by
GitBook
content-security-policy
default-src 'self' app.gitbook.com api.gitbook.com integrations.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com track-eu.customer.io track.customer.io customerioforms.com eu.customerioforms.com *.api.gist.build *.cloud.gist.build api.getripe.com us.api.getripe.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' integrations.gitbook.com app.gitbook.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://*.algolia.net https://*.algolianet.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.amplitude.com https://static.cloudflareinsights.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://assets.customer.io https://code.gist.build https://customerioforms.com https://eu.customerioforms.com https://*.adroll.com http://*.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net storage.getripe.com us.storage.getripe.com *.opentok.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net code.gist.build; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/ track-eu.customer.io track.customer.io https://*.adroll.com http://*.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net images.getripe.com storage.googleapis.com us.images.getripe.com us.storage.googleapis.com; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net assets.getripe.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network https://beacon-v2.helpscout.net renderer.gist.build code.gist.build; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net *.mux.com blob:; frame-ancestors app.gitbook.com; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.822;
x-cache
MISS
x-release
gitbook-x-prod-10.9.822-20737e897462910039b4752c0d2494f08d42a928-10179991071
alt-svc
h3=":443"; ma=86400
content-length
72
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"34-9QgMepy+RoeKFmluc8jMiFcEeyk"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ired.team
x-cloud-trace-context
4c9e20fbc0c0d678112f02f21e0593b4
cache-control
private
access-control-allow-credentials
true
function-execution-id
ywmzzgtd80rl
cf-ray
8ac8129b0d599b1f-FRA
expires
Thu, 01 Aug 2024 19:00:43 GMT
/
www.ired.team/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6bee8c12f068698afb2fd8edfaab230343bc970cde4f28aec72441212cfd42d

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVSD9luviCcoLjnDOvKnUEX86I%2FrTNaqP9JdZaD7LbrYdLi40Y466J2dsiXWYN%2F%2BBdTq5xBy4p5Fe%2BHopG5VKrsw252xFzUCKLBNLL1%2BHxX0o1453XDLrXs64MgubGnvwrJnYHFIy3OdmEGMc3AY"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129b1c235c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
offensive-security-cheetsheets
www.ired.team/offensive-security-experiments/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87a9ac65992655e350e977caad3c1acf9fac6dc883d8b53a0987fc101ab1b4c6

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXVDN0Wkxi%2BO6HQi%2Ba4MmCw%2BXwzGYuSar4zLqSRIX%2BggZH9u5IbmTsLBcsFZIo%2Buj0gCyYwk%2BQnFzrPiVyeEdIBkoslKp5d0N6VfM7I45GYl9TpEy5vav4lhcoee2%2Bmh%2FUbm2APij74inUP2ZOmo"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129b1c275c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
active-directory-kerberos-abuse
www.ired.team/offensive-security-experiments/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc7d58f460782987cb6a35f4785741d81b7ffc621d6d969a118a9dd5946ad32

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AIv9tdfF0vBJh6bwDD%2B1o449knjrDn%2F%2BKaLYckbg6XxbSRnOcjAxzHJWKc7wkAi3d1vaalwIvmizUrUzwiTDQAbn9%2BbsdlPSD8gPDzB79VzXZHu04QDXu46nomoVksV7vXjuzKP63NpNdTYfNoIT"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129b1c2a5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
red-team-infrastructure
www.ired.team/offensive-security/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/red-team-infrastructure?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81314f11a78d875980e210b7c89c394c19455cd208dfa3c192be37926b25096

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IuWKnEUYWihF33%2BI6TorqAvk8VQ93mBY6eIh46BlSmGb%2F2APQRlzZgSMnzPiWMCIVdbp1FhWVANhPCXPFdXuSwdOoWN%2FPRsbF9xtFaiEV6g9jJqnevftXC7y3RD6gfrYA6WCo%2FqDE9%2FzKdBEpbwu"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129b1c2d5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
initial-access
www.ired.team/offensive-security/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/initial-access?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a6c743851ad94e699ad8f10aba6117b0868575c67b60a6b03f0f67fa67a247a

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6VoCQEZpF0uOAdA%2B2AK9%2FJQPA7Yu3yoCghYVZeKtylqasejIkdKIvjjnpBpNCX%2BODol%2F78zie2KFYP9zLdQaNCgd2WXVn8jsIJ1Q1b2pcl35XoGlzFZE9lfQ1R5CFMJ0D96lCc%2BWlkKMKwnFlQI"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129b1c2f5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
code-execution
www.ired.team/offensive-security/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f243edf35bb3b7b5205b24daade154243c9b7e1552a643b5ad53af15f832192f

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Jl16CC2X2QX7LOxdQpEEd%2BabnQw9FBeBcxf27xL7fyJdv7MqsdPgApXyaN2XstbRADel7i2rtIZ5uij346cx9iLWLs7zPExNnxaAJhs4AlbOW80SCNn844cYS11UUySDio2AtWMQ%2BvtCoIdPEKo"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129c2d455c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
t1117-regsvr32-aka-squiblydoo
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/t1117-regsvr32-aka-squiblydoo?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
475336fc36d6f19707ed7d3f776e782739dad525f476fb24c848bf07353b1df4

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HMM7TEDohy8WlEwbCKFIWdEECrQ99v6mjp82HIYwcHEPDnyjBCGbMk1OroKv0jadl%2FDG%2FkIZTXB3xmj6xJsZYqWASjwkg4GuHqiG19skWovVjvZF2L%2FH0KGx1c%2B3cSWxHF8lzucW%2FXG8KHDkehH4"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129c6d9c5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
t1170-mshta-code-execution
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/t1170-mshta-code-execution?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df87cb1a7c2dec167da7011e2ce23fc8ff42b1638ba557e70cd784b74f58195

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fcHCVc37uEyljLdKtMUcH294q3BeX33h0VpWK04X8vkm0OiyuGmth49%2FD4zaFMVBOw2%2BJTVwpTLUq8nDr3A%2BoWZwl6%2FAj%2FvrYL0s6gf1CqQcMU2NleBUZWD4K8cCExHEsbTE2zp%2FwE4Sxj%2B8l6eI"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129cbe4e5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
t1196-control-panel-item-code-execution
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/t1196-control-panel-item-code-execution?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5f506e4b72b5c09fce57488deb245885f1ef7129852df9c1d86cb7c65716ed

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q8zfoTjR70H0%2Bd9UqJMCFkZ7zqJhHUf%2Fzqg%2BInnGQRoNsO2sqW8ik7hOOut6Jy9F8RrsqDo7jf5%2Fyg2iEBzp%2FFIkGQ4psC6gyHlCpUhrysat70WIGDN4bSFqu%2BPzc2nr8DySJcH2GCbknwhS90Rr"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129cfe8e5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
track_view
api.gitbook.com/v1/orgs/-LFEMnEQwqZOY6DtfrzY/sites/site_gkbDu/insights/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.gitbook.com/v1/orgs/-LFEMnEQwqZOY6DtfrzY/sites/site_gkbDu/insights/track_view
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/app/(space)/(content)/%5B%5B...pathname%5D%5D/page-c7428df66868c6ff.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-gitbook-execution-id
1ad7e41a50964231
x-powered-by
GitBook
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
server
cloudflare
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
location,x-gitbook-execution-id,x-gitbook-mutations,x-gitbook-subscription-channels,x-gitbook-subscription-urls
x-cloud-trace-context
8243b02f69b2371ac03fc627556f1946
access-control-allow-credentials
true
cf-ray
8ac8129d98b492c5-FRA
track_view
api.gitbook.com/v1/orgs/-LFEMnEQwqZOY6DtfrzY/sites/site_gkbDu/insights/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.gitbook.com/v1/orgs/-LFEMnEQwqZOY6DtfrzY/sites/site_gkbDu/insights/track_view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ired.team
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-castle-request-token,if-unmodified-since,x-gitbook-trace-id,x-gitbook-span-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
location,x-gitbook-execution-id,x-gitbook-mutations,x-gitbook-subscription-channels,x-gitbook-subscription-urls
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8ac8129d486692c5-FRA
date
Thu, 01 Aug 2024 19:00:43 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=3600
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
GitBook
executing-code-in-control-panel-item-through-an-exported-cplapplet-function
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/executing-code-in-control-panel-item-through-an-exported-cplapplet-function?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c75866fcf4503e72614da9a61d930a25ff9eb6164b689bfcab35f49c5a9a0bf

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pfEWDv6liRxXlzJQOaMoGaRWNudvWJZtlMsXDkL1nOaj94FvRmWJc%2FkOi%2F5gu5xocsjhZ4c%2FykmDY3x0fv8Z9aMS5vWsoWMmIAGqJNSDHvnH5tDj%2Fg6hCZxYFroSdFHTuAC8JGv0UGVrqu54hXBG"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129d1ead5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
code-execution-through-control-panel-add-ins
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/code-execution-through-control-panel-add-ins?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa0b9e40b91246897edf97b485778e4cc577c4b27781b2043b54d0f384d162e

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1emaiTKWYjkkQmhtbmr6bIAxW6WFdkonNkMem20hokqHhsac1UY1%2Bnhdz6tGkZAiTT8Gy%2F%2FPci7Rpw9WvwV%2BRRxVvFLO4P9faPmbD8FtervMnNtWJH9FQYAvb8z5MK4gO7OJ4e5O6ERhojz8gSH"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129d9f415c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
t1191-cmstp-code-execution
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/t1191-cmstp-code-execution?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87120e4a8fea3ba4091f44fda1b5765a21f55467f165c462af096d74cd41a712

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7sqgGW4yErE%2Bu1KMAq6Vd4yuSEhS4JceGjnu%2FhwU9nK3AfCvd1niDevO6hF%2Bz4RDluGLVAvnCI1u3KDOECK9TQuEc5XVYYGUSGd9ZIOXPel14QmDho%2Fiw5AVCnyDlNkuqTlPmPe5kaX%2BeYpC7vuF"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129daf555c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
t1118-installutil
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/t1118-installutil?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cf7b8a45e339d402dd77be01c5a5209d2862e0fb2a5a69be38c448521b69d37

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hO3x1EZkN7wBXUF6HjyE0CahvOnKzfJW%2FdnVj7cKaFeZx8cvBVBnwfPycahgrCSu%2FpIVzTcB4CV%2F9jdyrKXLZ97%2F189sBd5pcCAIa%2BAZZ%2BU8yrqbRiyyhqLnckhgfivtVUpqJXAvMJqziXHjMF3o"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129daf575c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
spaces%2F-LFEMnER3fywgFHoroYn%2Favatar.png
386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/ 		12 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/spaces%2F-LFEMnER3fywgFHoroYn%2Favatar.png?generation=1536436814766237&alt=media
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.0.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
7834e63bad0b16e07695f5ad93d8484722989a1a8ea94c9ba91c4be105ca0a44
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.822;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 19:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.822;
age
1896246
cf-polished
origFmt=png, origSize=29066
x-powered-by
GitBook
x-guploader-uploadid
ACJd0NoHDgbF7HDNTpFAVQ2F3yvKOt2o2l808PN0JyEFattes5NxXAy_bnpAoAYUi_luTWOkfg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-meta-x-goog-reserved-source-generation
1536436814766237
content-disposition
inline; filename="spaces%2F-LFEMnER3fywgFHoroYn%2Favatar.webp"
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
12796
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Mar 2022 05:32:10 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"2965c5f978755802debc0291c5574853"
vary
Accept, Accept-Encoding
x-goog-generation
1646976730059392
content-type
image/webp
x-goog-hash
crc32c=ALxBKw==, md5=KWXF+Xh1WALevAKRxVdIUw==
cache-control
public, max-age=31536000
x-goog-stored-content-length
29066
x-goog-meta-firebasestoragedownloadtokens
1910800b-eed5-42ea-b282-39d0660128fe
accept-ranges
bytes
cf-ray
8ac8129e3ff52c25-FRA
expires
Thu, 10 Jul 2025 20:16:37 GMT
using-msbuild-to-execute-shellcode-in-c
www.ired.team/offensive-security/code-execution/ 		435 B
767 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17f180f18f412b06924e350119222e6063c4bb9e7e2a840bd71d956547f4ff9

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V5kEHQ08Z7Oetu0unqASSzOCJiiKP7ZKC46mlzlST9IGHyvxMo9p95Iipe7x7HMkQ2Jiu9k727q9HQpx5vkYQmtWjG5SGYrZrMyi5Y080tkYHKP5rk%2B8NU9qJ0ZZ5PhY8IqlAZAPW79bp8Cs9N1N"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129e58195c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
t1202-forfiles-indirect-command-execution
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/t1202-forfiles-indirect-command-execution?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3c20176057f8c66b9740b0285963533e0eb0eaeeb23c1b4fe6896045c31594

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xmprs3vQgcbsewpbzQ8%2BCKD6mAZIqaR%2B1gFJzRQNelY8zCciTm9gdmiKBIEu%2BE41%2BpAG8VJ2Z4HKmHiHrWojnHS%2B%2FYehxhf2MRfrlQqzOmbl1t7IvieDcupyNEzbphuQR%2F223x2SwnvHG1jAB46v"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129e581e5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
application-whitelisting-bypass-with-wmic-and-xsl
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/application-whitelisting-bypass-with-wmic-and-xsl?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f72cebe93641139d43f426a9647d29a55ce4fedc6a6bbe955e76ec631fce6c68

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qlb4VoJK1W1tlDB5SWV0GL8NoDRWVrzDlr8pXtrujgB%2Bu3%2BO7sT1oLze%2BdJBYyGkLp4zPM5dOKdn%2Brl5Fe7F4mlyw%2BYaRnGYbiU8wAwlO4AOTXWpMTKTKShhqWCfaepxNlic6c1%2BNEwqSJRtlktR"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129e78525c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
powershell-without-powershell
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/powershell-without-powershell?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
278893d9713d2cd88e31492621276ef018ef7f30c44d044b7eccc5bcc4a7cd40

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGg2%2Ftq84JA3l0PtowKtc1Izf1NzKgJWimLpbJwMKS5Y8Y8Kb2jJSseHOWb98t3iHarg2npfGzpVl4UNeE9d4G8qcTUmR%2Bno4xIr3YA1dFePnmtgKwj5aLNcM6PW0%2BNNAmQvroHwwBzYgUC9iKTc"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129e986a5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
powershell-constrained-language-mode-bypass
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/powershell-constrained-language-mode-bypass?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f3b081428b9285f67fc0f2e482fa1b20aeb28a965c8b07545f1a1d51c3d27d3

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7bhfxcTDJvgTT3o%2FmjzeJ139e%2BFDyn2yJaG8%2Bs6mlhaXoWiwemOR9RS%2BfdScT1kJp7sslWUbFLUcYNXcdRa6e2GRlOotDlMAoHqOy6R8SQ9wngLuQCADNXc5IYz7TQ%2F1lRB%2F498OKyzpv%2FVWoD1"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129ea87f5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
forcing-iexplore.exe-to-load-a-malicious-dll-via-com-abuse
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/forcing-iexplore.exe-to-load-a-malicious-dll-via-com-abuse?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2641fc3112dd24fbfd9822709b1ef77d1a2c711c056c22e946f949b4325bc67

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3i0WxrWjF2WhCPJPz%2FLinkKX5QbgiZ3c%2BgzmUtEHw3JtqG6WmPLSLx3OXAHEmr5pXL3jMy92WOlLCSxC1IC6gV0c%2FBr2mJPEkl33yjXOlBfcbLfYp7PNhF5PjhD47ljCdWPLESf%2FPEvQqXvrb%2FBz"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129f39395c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
t1216-signed-script-ce
www.ired.team/offensive-security/code-execution/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-execution/t1216-signed-script-ce?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b4a20affa40793800d569c5aa2732df8ea7589e36407afcc8ef2d7f84f6d6d

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilvs1AvvleBmhVWO4MLvBoEm16c1FA5Uf37hIsE4JwOMTdzjQyIZdGuTOjICE%2B0vzRfW%2FhbnMbwkCjb8YavMsaugu%2B4HyM7XbtmmQ%2FLGG4mQICkjIgwkB9ylLPJZzf865Nt7joJnDgqOG5BShGOT"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129f798f5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
code-injection-process-injection
www.ired.team/offensive-security/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/code-injection-process-injection?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1731630794ae17b8afa5c5f4454eef4a06b6c992c3d2534f39724bed6aca5266

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02OxvWA8T4iV1nugmA7AIPAZ5NBFGwhw%2BDc3k9M12j06N%2BPJZZn3n75BuwYoJA8qx7lszq6CT03HBhMgqFMnJX638bPJ88URiSALdImsMoetJifMNGIbuhdVWNbWrfoGvLhIc%2FU9L69SSr04scVY"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129f79925c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
defense-evasion
www.ired.team/offensive-security/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/defense-evasion?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e6b59f13e153424020f3772d02da0207e0f92ceed3212e0646a747777bb4d8

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2BdQE40NWYLDbaGjqykIOLS%2BGzAMZD3kcweU2DZnSU%2FnrD4Lr75aTiJltQ4AIkN8e7VbIvXOHkxnDBo%2B3r%2FHZ8HkPXdOnujXPxXE6vkRfuLMZK4ueJqze06quwY9ZTIgsBr4Ik1zBRtjePxKXY8T"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129f89a85c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
enumeration-and-discovery
www.ired.team/offensive-security/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/enumeration-and-discovery?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05cef54c9da50235ed61ee4b5802fafa857cc568f3f0594fc52023e4b81b58fb

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h16VG%2Bn8uQwj8w8neClrDpkrUp2XvhkfgAoM5Xigs4zpQs4Bf4ZYrSGe7FQoXetOIr3jiLoiyFlhyyAiMIl8DlHQsaOJHf8IMFEVRLGWZ%2FnVEMuJDCRXf6npFwo19AZhlBzpq0iavTje0MSxvN3H"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac8129fa9ce5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
privilege-escalation
www.ired.team/offensive-security/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/privilege-escalation?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0a4b4f6a1324572fda3bfa5e0bf18b1b1cd345d148dd77cac12c9926f953217

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NwRfXeYtoMgXmSUggjsoBwjpVKZ2RfWvVAO%2BM2z5lXSqQKtaIip3pttNuFWJUQhGFWQ6MpvJ4HQalFjjpkJkPdQ2xluxa6hE2cz5r5Bh58R3rxlJWBiS1X7X87bPJX6wGwnYfuc4jeSTRtOMpFv"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac812a05a9a5c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
credential-access-and-credential-dumping
www.ired.team/offensive-security/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/credential-access-and-credential-dumping?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c362c52d71db9dbcbe8aca404e4e0c16453b043e73ea81137efec220b82284cf

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R8NiZX%2FugzvcGQ9Z%2F7LVNmfj6GftNj00PXbFb7p3HxQh9hzDwHAYoy3L4yz5JRuHZ2iB43qth%2BXf0xEyiws1jbrmom8F2OV065TiIsg7zkMPVTxzodZ60zn4zxIXklx6qVMiBP%2BrcdJjVUf%2F3EvQ"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac812a05aa25c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA
lateral-movement
www.ired.team/offensive-security/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ired.team/offensive-security/lateral-movement?_rsc=y95uu
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9297-f3eccea4ea14abf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c419f7ce910a98130b2c1403d74fa62ee71d1341ea9d863c5b69caf149f6ae0

Request headers

Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(space)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fcode-execution%2Fusing-msbuild-to-execute-shellcode-in-c%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22code-execution%5C%22%2C%5C%22using-msbuild-to-execute-shellcode-in-c%5C%22%5D%7D%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D
Referer
https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Next-Router-Prefetch
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Next-Url
/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
RSC
1

Response headers

date
Thu, 01 Aug 2024 19:00:44 GMT
content-encoding
gzip
x-edge-runtime
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-matched-path
/[[...pathname]]
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mw0WU3T1jGSZB96KrJq73VFISs%2BWYjQdLznTnA8MXnoOsg%2BBCtCsXnA90XHiaoQuTMRNXAcqjpyodTuEJVJaWOoW8DI9IKtmCwK%2Bx0EWq%2FSdNE5hMjkvMdpKPjz4H1cIX7DLvG1C90Uh5xqcuw4n"}],"group":"cf-nel","max_age":604800}
content-type
text/x-component
x-gitbook-cache
skip
cf-ray
8ac812a09ae65c6e-FRA
alt-svc
h3=":443"; ma=86400
cf-placement
local-FRA

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_N_E object| dataLayer function| gtag object| __next_f function| $RS function| $RC object| _N_E string| __sentryRewritesTunnelPath__ object| SENTRY_RELEASE object| next boolean| __VUE_OPTIONS_API__ boolean| __VUE_PROD_HYDRATION_MISMATCH_DETAILS__ object| GitBook object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

3 Cookies

Domain/Path Name / Value
.ired.team/ Name: _ga_M18PXXHRCQ
Value: GS1.1.1722538843.1.0.1722538843.0.0.0
.ired.team/ Name: _ga
Value: GA1.1.2039688048.1722538843
.gitbook.com/ Name: __session
Value: 33bea9e6-ed2f-48f1-86a5-bda03b9ba315R

3 Console Messages

Source Level URL
Text
javascript warning URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Message:
The resource https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-LbdvOdWap7ZLXXIH0ZJ%252FPeek%25202019-04-04%252020-57.gif%3Falt%3Dmedia%26token%3D40330c47-89cf-48ac-8b1f-99dec494b085&width=768&dpr=4&quality=100&sign=f7976f99&sv=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Message:
The resource https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-LbduVJDrfRCCGKEcWuV%252FScreenshot%2520from%25202019-04-04%252020-53-21.png%3Falt%3Dmedia%26token%3D10c925be-fc41-4233-a2b9-697968046f86&width=768&dpr=4&quality=100&sign=47255409&sv=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.ired.team/offensive-security/code-execution/using-msbuild-to-execute-shellcode-in-c
Message:
The resource https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-LbdtHN2SuDKgSnn9ehL%252F-LbdufQ1oTcTIYAkZKAv%252FScreenshot%2520from%25202019-04-04%252020-54-14.png%3Falt%3Dmedia%26token%3D85fe682f-c893-41e8-b86f-1fce2e54fe31&width=768&dpr=4&quality=100&sign=fce3ace7&sv=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'nonce-ZDllMDg4OTQtMmQ0MS00YTRkLWIzOTktMDhmZDU0ZWEyZWVk' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

386337598-files.gitbook.io
api.gitbook.com
app.gitbook.com
integrations.gitbook.com
region1.google-analytics.com
www.googletagmanager.com
www.ired.team
104.18.0.81
104.18.1.81
104.18.24.61
104.18.25.61
2001:4860:4802:32::36
2a00:1450:4001:82f::2008
00ab55e6a2788467e93c9b821d05d91120fe88cf33ffa9609d0ce5a385c8d844
05cef54c9da50235ed61ee4b5802fafa857cc568f3f0594fc52023e4b81b58fb
08e6b59f13e153424020f3772d02da0207e0f92ceed3212e0646a747777bb4d8
0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a
0a98f235a4474bd00250e4d2c827496432d6e848fb722f62b3f6a31fa504f5a2
12a4d9d5c22f6031142b0d40ea1a9d81196266c37c292a33b08bdd7f86ac1cfe
152b7c0f265d09605a52346daa1ed26817bc9bada54d497cb51ed90b7e8edd75
1731630794ae17b8afa5c5f4454eef4a06b6c992c3d2534f39724bed6aca5266
18bbaf771380dee334f57f8f10f5e5742aa38eead5a05616fdfc6fb6bcdacc94
1fd9b31a8aa192ee4e9a4fb9a3533db3690e23ed3116ac24223c890fb4995d52
21282cb8ab54747b427db0c930a8e23318504394a2a004bd5bcf46af1523b66f
23378b7c548130c2781eb7fe837aaf87771057f4b07f1bcac213af2c2a0c2632
278893d9713d2cd88e31492621276ef018ef7f30c44d044b7eccc5bcc4a7cd40
28161812df9c51064f930b9854306b025000df8441cfb838e1a03ff4d7bad723
2cf7b8a45e339d402dd77be01c5a5209d2862e0fb2a5a69be38c448521b69d37
2d6b8eab4e14b589c126c9b2131d39ebcc5e59f6729cb8700fd692c56a029e12
3423f91835ed4a89b6e047010d3812ac2a94eb8c899502af715313d11a881aea
3a6c743851ad94e699ad8f10aba6117b0868575c67b60a6b03f0f67fa67a247a
3ac2f080bbb40f863c4131684fff62a14a94ec4fc5f8befeab9fb75d271102e9
3df87cb1a7c2dec167da7011e2ce23fc8ff42b1638ba557e70cd784b74f58195
4383f3ca7a4887be8d1ca7a83786d16bdf0dae69713d768487701525dba1f8fa
475336fc36d6f19707ed7d3f776e782739dad525f476fb24c848bf07353b1df4
5347ee59ae08cf34c7c71a064b788c03d9ec9e6e2c8be07a63f904156f68712f
53ea9f6375a845061b9dd17c0c993669097dc44b7b932c4f5df949f9009980bf
56bfca12641be0d54db65dc82d1c005bcd52008c3a3c39ac484961826ec18d42
5c419f7ce910a98130b2c1403d74fa62ee71d1341ea9d863c5b69caf149f6ae0
5c6ca28e3f7427eec2d1a09311b77d9c05d0ccb662f90bc6b1f0f5ed83e0045a
5da64a322d35b59755d0c9c44fa80d6c4a5cf5e3cb358aab97d0a07e2f810ee1
64bc2a00d28ef824b977ed1c523138d821eaa4576447153e02de70aacb071147
6714e670578b87c0dd665674661c66c0b7cabe4331da23ec1bd5d992bc38ac00
7834e63bad0b16e07695f5ad93d8484722989a1a8ea94c9ba91c4be105ca0a44
7b83621d3dfae776dda1c82033ba0db6a6fe48c273c46d66ff11e21e2c9d7516
815b4cc512e59e2aaeb6f509d075cca7eec4926e56ac02925059f72c9a7b2c31
8492b879d895b5d8d66b754a5c5f4c9bab5597fcc6ad653bdcb5288450261545
87120e4a8fea3ba4091f44fda1b5765a21f55467f165c462af096d74cd41a712
87a9ac65992655e350e977caad3c1acf9fac6dc883d8b53a0987fc101ab1b4c6
8c75866fcf4503e72614da9a61d930a25ff9eb6164b689bfcab35f49c5a9a0bf
984a458087a34d4f3230007a2c1020b32700fe54f1d344281513339ba12dd8b8
9854f2635a5be987cec46e99edd00b155801124ff89362e18c95e2b28f25f030
9bc7d58f460782987cb6a35f4785741d81b7ffc621d6d969a118a9dd5946ad32
9f3b081428b9285f67fc0f2e482fa1b20aeb28a965c8b07545f1a1d51c3d27d3
a0a4b4f6a1324572fda3bfa5e0bf18b1b1cd345d148dd77cac12c9926f953217
ab92b2943ccf9319b7c46f76a542eebb8578a621160f1e23732ae918b427bf4a
b9994c8681d06be53cdcd4d762e6ee3cc5186230b92526d08d08d1308961becc
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
c362c52d71db9dbcbe8aca404e4e0c16453b043e73ea81137efec220b82284cf
c3c43850c3e88539e35c8211e66da4eed93fddb5286cda9ef1ea6448aeefb8f5
cd5f506e4b72b5c09fce57488deb245885f1ef7129852df9c1d86cb7c65716ed
cfa0b9e40b91246897edf97b485778e4cc577c4b27781b2043b54d0f384d162e
d2641fc3112dd24fbfd9822709b1ef77d1a2c711c056c22e946f949b4325bc67
d81314f11a78d875980e210b7c89c394c19455cd208dfa3c192be37926b25096
d86216f11387785c097b321e492fda46668e30a3e14f3ecdf8152a4e713b4b5e
da8a159a110fd85f6169ed8e00deb31746090de2ee75829eb52e0669eb5b2833
dbd5656c1c9e123989fe36f2661bfb438d34ffb188bf2fa482b1fd675d13ce9b
dc85beb0bcf60b05d3ab44f8de402b014c7af9430f49db17eaaf959f3476d5a3
df3c20176057f8c66b9740b0285963533e0eb0eaeeb23c1b4fe6896045c31594
e60c9ae11c0f6c6014661d611473551f727b5df4edd8e520a50845a7a54e3db0
e6876de2c0705adab60d8623fcabb16b146f4dffdae739226f0bcc51e1ba5109
e6bee8c12f068698afb2fd8edfaab230343bc970cde4f28aec72441212cfd42d
e7169f589657644aecacdc6fbefcac6368d84eb538e9eed72caad26f06140d4f
e7c716d0e2dc7da7ccf1e893b980b3bb49ac3e7d80acaf91f4469c7d118263d6
e942a40ecb51b28f18a197ad6cad72b75ed228eca2f37b3acd9320738b176b9c
f17f180f18f412b06924e350119222e6063c4bb9e7e2a840bd71d956547f4ff9
f243edf35bb3b7b5205b24daade154243c9b7e1552a643b5ad53af15f832192f
f72cebe93641139d43f426a9647d29a55ce4fedc6a6bbe955e76ec631fce6c68
f8b4a20affa40793800d569c5aa2732df8ea7589e36407afcc8ef2d7f84f6d6d