Submitted URL: https://lnkd.in/dv9ADve
Effective URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-...
Submission: On July 12 via manual from IT

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 40 HTTP transactions. The main IP is 51.254.48.155, located in France and belongs to OVH, FR. The main domain is blog.hacktivesecurity.com.
TLS certificate: Issued by R3 on June 27th 2021. Valid for: 3 months.
This is the only time blog.hacktivesecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.174.10.10 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
37 51.254.48.155 16276 (OVH)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
40 4
Apex Domain | Subdomains | Transfer
37 hacktivesecurity.com | blog.hacktivesecurity.com | 4 MB
2 youtube.com | www.youtube.com | 42 KB
1 gravatar.com | secure.gravatar.com | 13 KB
1 linkedin.com | www.linkedin.com | 2 KB
1 lnkd.in | lnkd.in | 328 B
40 5
Domain Requested by
37 blog.hacktivesecurity.com blog.hacktivesecurity.com
2 www.youtube.com blog.hacktivesecurity.com
www.youtube.com
1 secure.gravatar.com blog.hacktivesecurity.com
1 www.linkedin.com 1 redirects
1 lnkd.in 1 redirects
40 5

This site contains links to these domains.

Domain
www.drupal.org
hub.docker.com
wordpress.org
www.themeinwp.com

Subject | Issuer | Validity | Valid
blog.hacktivesecurity.com | R3 | 2021-06-27 - 2021-09-25 | 3 months
*.gravatar.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-14 - 2022-11-16 | 2 years
*.google.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months

This page contains 1 frames:

Primary Page: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Frame ID: 37BC0F42EB7607B14935E34F76856F41
Requests: 40 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

40
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

4629 kB
Transfer

5170 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lnkd.in/dv9ADve HTTP 301
    https://www.linkedin.com/slink?code=dv9ADve HTTP 301
    https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Redirect Chain
  • https://lnkd.in/dv9ADve
  • https://www.linkedin.com/slink?code=dv9ADve
  • https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
89 KB
18 KB
Document
General
Full URL
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cb08369a63d7a4d80aa95d9a0555f878fe320090b349dd8a5bc3b158dfaa53c4

Request headers

Host
blog.hacktivesecurity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Mon, 12 Jul 2021 12:23:18 GMT
Server
Apache/2.4.41 (Ubuntu)
Link
<https://blog.hacktivesecurity.com/index.php/wp-json/>; rel="https://api.w.org/" <https://blog.hacktivesecurity.com/index.php/wp-json/wp/v2/posts/210>; rel="alternate"; type="application/json" <https://blog.hacktivesecurity.com/?p=210>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17581
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

cache-control
no-cache, no-store
pragma
no-cache
content-encoding
gzip
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
vary
Accept-Encoding
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options
sameorigin
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric
prod-ltx1
x-li-pop
afd-prod-ltx1
x-li-proto
http/2
x-li-uuid
5DuiYZoKkRYAEpO7kSsAAA==
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: A907A518E8FD4AFABC04C20D6B6A3681 Ref B: FRAEDGE1418 Ref C: 2021-07-12T12:23:18Z
date
Mon, 12 Jul 2021 12:23:18 GMT
style.min.css
blog.hacktivesecurity.com/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://blog.hacktivesecurity.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Apr 2021 23:50:28 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"e33b-5bf567a917900-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8685
blocks.style.css
blog.hacktivesecurity.com/wp-content/plugins/code-syntax-block/assets/
182 B
493 B
Stylesheet
General
Full URL
https://blog.hacktivesecurity.com/wp-content/plugins/code-syntax-block/assets/blocks.style.css?ver=1624006213
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fdf2148ed0a6e077fb8f60a36af7d9275fb7ac9b698390f5ac8bee4b12e74ab0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 08:50:13 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"b6-5c5066979ef1b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
159
prism-nord.css
blog.hacktivesecurity.com/wp-content/plugins/code-syntax-block/assets/
3 KB
2 KB
Stylesheet
General
Full URL
https://blog.hacktivesecurity.com/wp-content/plugins/code-syntax-block/assets/prism-nord.css?ver=1624006213
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6d6989575793f516b1481b6022cc881b09e344fe5c1961c3a683e94442929b22

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 08:50:13 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"bac-5c506697981bc-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1208
88efc558a550610e37961eecde79368e.css
blog.hacktivesecurity.com/wp-content/fonts/
33 KB
2 KB
Stylesheet
General
Full URL
https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4adec8a69926ae0cafe461e10c270904d5d6747304ff59a9bf90764f2d8016d1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Jun 2021 12:47:38 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"8417-5c5bec7165dc3-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1301
slick.min.css
blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/slick/css/
1 KB
815 B
Stylesheet
General
Full URL
https://blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/slick/css/slick.min.css?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
21b589bbc25d38fbf4c8168b0801ce4cf9d0aa1d372ae1ac773574aaeb10c08d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 07:32:05 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"511-5c5055210051b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
479
style.css
blog.hacktivesecurity.com/wp-content/themes/masonry-grid/
106 KB
17 KB
Stylesheet
General
Full URL
https://blog.hacktivesecurity.com/wp-content/themes/masonry-grid/style.css?ver=1.0.1
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c3b7b5476983f8c0b8e0b7b17047701c07a1e51a4d094ec28d79e95ba101f0e6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 07:32:05 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1a786-5c5055210245b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17511
magnific-popup.css
blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/magnific-popup/
7 KB
2 KB
Stylesheet
General
Full URL
https://blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/magnific-popup/magnific-popup.css?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
47be7c9dceef0435bf2c71d278531497e98ca6126d8e87d603bf80ae9bc7a39c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 07:32:05 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1c8a-5c505520ff57b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1835
jquery.min.js
blog.hacktivesecurity.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Oct 2020 16:33:25 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"15d98-5b11746475f40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
30916
jquery-migrate.min.js
blog.hacktivesecurity.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Nov 2020 09:06:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2bd8-5b45debe27b80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4169
Screenshot-2021-07-12-at-10.01.58.png
blog.hacktivesecurity.com/wp-content/uploads/2021/07/
85 KB
85 KB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/07/Screenshot-2021-07-12-at-10.01.58.png
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e6c5b356bb46e89b498aa4855c727de72179dd24b6b8aa091f3cb23a13b1caf2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Mon, 12 Jul 2021 08:02:17 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"153f4-5c6e88a3d46fa"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
87028
wp-emoji-release.min.js
blog.hacktivesecurity.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jan 2021 15:29:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3795-5b83cfce57d00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4662
prism.js
blog.hacktivesecurity.com/wp-content/plugins/code-syntax-block/assets/prism/
26 KB
10 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-content/plugins/code-syntax-block/assets/prism/prism.js?ver=1624006213
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ddd5de6c9127c4601f7b420d241769ab528939b984c8118dd9833d43b2a9053f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 08:50:13 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"6830-5c5066979ef1b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
9745
imagesloaded.min.js
blog.hacktivesecurity.com/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Jun 2020 18:53:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"15fd-5a7fbb57c37c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1834
masonry.min.js
blog.hacktivesecurity.com/wp-includes/js/
24 KB
8 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Jun 2020 18:53:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5e4a-5a7fbb57c37c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
7382
slick.min.js
blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/slick/js/
42 KB
11 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/slick/js/slick.min.js?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 07:32:05 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"a770-5c5055210051b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10445
theia-sticky-sidebar.min.js
blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/theiaStickySidebar/
5 KB
2 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/theiaStickySidebar/theia-sticky-sidebar.min.js?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1086f15a6e8498d6d48575e8dc78a04d8ef78c03986aabed5d0150747bda0a58

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 07:32:05 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"14fc-5c505520ff57b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1743
isotope.pkgd.min.js
blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/isotope/
35 KB
10 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/isotope/isotope.pkgd.min.js?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 07:32:05 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"8a80-5c5055210051b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
9855
jquery.magnific-popup.min.js
blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/magnific-popup/
20 KB
8 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/magnific-popup/jquery.magnific-popup.min.js?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 07:32:05 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4efb-5c505520ff57b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
7348
pagination.js
blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/custom/js/
13 KB
3 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/custom/js/pagination.js?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a032c88305d5d668d7384cb55108e95bba4c2225b2e4420a136058a48a7d6e09

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 07:32:05 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"331a-5c5055210051b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2597
custom.js
blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/custom/js/
36 KB
8 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/custom/js/custom.js?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
212eb46f9831d550e56d4bc5bcd62ff223300a0ebd9d9d3ffac85df85b1a5596

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Jun 2021 07:32:05 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"8e36-5c5055210051b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
7415
wp-embed.min.js
blog.hacktivesecurity.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://blog.hacktivesecurity.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jan 2021 15:29:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"592-5b83cfce57d00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
765
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuOKfAZ9hiA.woff2
blog.hacktivesecurity.com/wp-content/fonts/inter/
17 KB
18 KB
Font
General
Full URL
https://blog.hacktivesecurity.com/wp-content/fonts/inter/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuOKfAZ9hiA.woff2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fd2ec9dbb1aaf2cf70393ea14ebda6f45309fed582aadb44edec9581959fe44c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://blog.hacktivesecurity.com
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Fri, 18 Jun 2021 07:32:15 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"44f4-5c50552aa7f48"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
17652
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
blog.hacktivesecurity.com/wp-content/fonts/poppins/
8 KB
8 KB
Font
General
Full URL
https://blog.hacktivesecurity.com/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://blog.hacktivesecurity.com
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Fri, 18 Jun 2021 07:32:18 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1e98-5c50552d3c198"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
7832
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
blog.hacktivesecurity.com/wp-content/fonts/inter/
18 KB
18 KB
Font
General
Full URL
https://blog.hacktivesecurity.com/wp-content/fonts/inter/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
87d718a282da60f8ef79c2c85e2999bd0fe7a6ef3fc77ccb3ad8a5ff8474b1ef

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://blog.hacktivesecurity.com
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Fri, 18 Jun 2021 07:32:16 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"46b0-5c50552b6661a"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
18096
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
blog.hacktivesecurity.com/wp-content/fonts/inter/
17 KB
17 KB
Font
General
Full URL
https://blog.hacktivesecurity.com/wp-content/fonts/inter/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
27ae72daf88c7431896929273087c99910d019ae82dc0af7d86505c0f5ef5dbf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://blog.hacktivesecurity.com
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Fri, 18 Jun 2021 07:32:16 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4304-5c50552ae8683"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
17156
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYAZ9hiA.woff2
blog.hacktivesecurity.com/wp-content/fonts/inter/
18 KB
18 KB
Font
General
Full URL
https://blog.hacktivesecurity.com/wp-content/fonts/inter/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYAZ9hiA.woff2
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
687fc99e322c6c306a4e4c92099c3df35735687f72a40ef6239e5ee4f5bd8f13

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://blog.hacktivesecurity.com
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://blog.hacktivesecurity.com/wp-content/fonts/88efc558a550610e37961eecde79368e.css?ver=1.0.1
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Fri, 18 Jun 2021 07:32:16 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4664-5c50552ba3e76"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
18020
22e1299f1b534fcc2f833a9cc4e17f37
secure.gravatar.com/avatar/
13 KB
13 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/22e1299f1b534fcc2f833a9cc4e17f37?s=96&d=mm&r=g
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
017fcf7ed3cef8b696b67ed89647ea0226b2b281e24a697c8517c7652d9fe6d2

Request headers

Referer
https://blog.hacktivesecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 12 Jul 2021 12:23:19 GMT
last-modified
Fri, 18 Jun 2021 15:36:10 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="22e1299f1b534fcc2f833a9cc4e17f37.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/22e1299f1b534fcc2f833a9cc4e17f37?s=96&d=mm&r=g>; rel="canonical"
content-length
13023
expires
Mon, 12 Jul 2021 12:28:19 GMT
SAML_schema.png
blog.hacktivesecurity.com/wp-content/uploads/2021/07/
37 KB
37 KB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/07/SAML_schema.png
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1457c68915183b537cacb762e131b913431b916f71a19c0ffff352b55588dc38

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Fri, 09 Jul 2021 08:30:05 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"9376-5c6ac941af5a8"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
37750
signature_xml_element-1.png
blog.hacktivesecurity.com/wp-content/uploads/2021/07/
16 KB
16 KB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/07/signature_xml_element-1.png
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
39b158fa382866ee38c6db84789aa301be55766c12edf361bb2e3272714bc3be

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Fri, 09 Jul 2021 08:43:55 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3e0b-5c6acc593d1f0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
15883
13_auth0.png
blog.hacktivesecurity.com/wp-content/uploads/2021/07/
48 KB
49 KB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/07/13_auth0.png
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3940825556b276200f7e7b4e3ed574db13c0deb8f3d55e8c300a3f239ea1d2c6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Fri, 09 Jul 2021 08:44:56 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"c169-5c6acc943776e"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
49513
14_auth0.png
blog.hacktivesecurity.com/wp-content/uploads/2021/07/
71 KB
71 KB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/07/14_auth0.png
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c90a3ffca804d5e849c32de401c3e327c9d7daae74adc347dfe194802ece13e1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Fri, 09 Jul 2021 08:45:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11bca-5c6accae35a22"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
72650
Schermata-2020-11-24-alle-11.21.18.png
blog.hacktivesecurity.com/wp-content/uploads/2021/01/
182 KB
183 KB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/01/Schermata-2020-11-24-alle-11.21.18.png
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5944b9df1de0a3c4906be9c55d77e9015a9b6d31fab823f829ae22975498127d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Mon, 21 Jun 2021 10:16:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2d9a4-5c543f5e084d4"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
186788
player_api
www.youtube.com/
980 B
861 B
Script
General
Full URL
https://www.youtube.com/player_api
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/wp-content/themes/masonry-grid/assets/lib/custom/js/custom.js?ver=5.7.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38557bb8483434b6ad5e1d1a5e3b24ef800f7c63845322e8d67c8f7d041dde25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.hacktivesecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 12:23:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 12 Jul 2021 12:23:19 GMT
Screenshot-2021-06-17-at-23.26.32.png
blog.hacktivesecurity.com/wp-content/uploads/2021/06/
1 MB
1 MB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/06/Screenshot-2021-06-17-at-23.26.32.png
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
34f3809cf641980705f854280b87768a89c97ac5f6ed936879cf685fa14a03e6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Thu, 17 Jun 2021 21:26:43 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"176cdb-5c4fcdd16e1fe"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
1535195
Screenshot-2021-06-17-at-23.31.51.png
blog.hacktivesecurity.com/wp-content/uploads/2021/06/
416 KB
417 KB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/06/Screenshot-2021-06-17-at-23.31.51.png
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
80df90af0459a81059a617de4458ed622838662668a2e028fdf1a997813367a1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Thu, 17 Jun 2021 21:32:13 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"6811f-5c4fcf0c0cc07"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
426271
Screenshot-2021-06-17-at-23.38.25.png
blog.hacktivesecurity.com/wp-content/uploads/2021/06/
531 KB
532 KB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/06/Screenshot-2021-06-17-at-23.38.25.png
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
13e4226e84f0bfb80f6b40bf461ac235fbf841855c0a3bda3c56d5fa3f343190

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Thu, 17 Jun 2021 21:38:40 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"84dc3-5c4fd07d43d2a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
544195
Screenshot-2021-06-17-at-23.46.10.png
blog.hacktivesecurity.com/wp-content/uploads/2021/06/
1 MB
1 MB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/06/Screenshot-2021-06-17-at-23.46.10.png
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e2d9c9c5d7194f2be4e487c26b655aa42272801122730d81c2920eaf4eff6e64

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Thu, 17 Jun 2021 21:46:21 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"106383-5c4fd2351db33"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1074051
Screenshot-2021-06-17-at-23.47.14.jpg
blog.hacktivesecurity.com/wp-content/uploads/2021/06/
406 KB
406 KB
Image
General
Full URL
https://blog.hacktivesecurity.com/wp-content/uploads/2021/06/Screenshot-2021-06-17-at-23.47.14.jpg
Requested by
Host: blog.hacktivesecurity.com
URL: https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.48.155 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b7d189a258207adcf0133f8787614c3612e6d34bf4b27d41abf093f85f603539

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
blog.hacktivesecurity.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://blog.hacktivesecurity.com/index.php/2021/07/09/notsosaml-privilege-escalation-via-xml-signature-wrapping-on-minorangesaml-drupal-plugin/
Connection
keep-alive

Response headers

Date
Mon, 12 Jul 2021 12:23:19 GMT
Last-Modified
Thu, 17 Jun 2021 21:48:14 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"6564d-5c4fd2a0d76e1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
415309
www-widgetapi.js
www.youtube.com/s/player/51ff6aac/www-widgetapi.vflset/
125 KB
42 KB
Script
General
Full URL
https://www.youtube.com/s/player/51ff6aac/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2699cc909bdef9af6474579102a1114f4f81ad3b7319b0e89f09be85a57664f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.hacktivesecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 07:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Jul 2021 00:18:29 GMT
server
sffe
age
16262
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42629
x-xss-protection
0
expires
Tue, 12 Jul 2022 07:52:17 GMT

Verdicts & Comments

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings function| $ function| jQuery object| prism_settings object| _self object| Prism function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| Isotope object| masonry_grid_pagination object| masonry_grid_custom function| Masonry_Grid_Vimeo object| action object| iframe undefined| src undefined| ratio_class function| Masonry_Grid_Video function| onYouTubePlayerAPIReady function| Masonry_GridYoutubeVideo object| tag object| firstScriptTag function| Masonry_Grid_SetCookie function| Masonry_Grid_GetCookie object| MasonryGrid object| $masonry_grid_doc object| $masonry_grid_win object| viewport object| wp object| twemoji object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://blog.hacktivesecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
