offsec.almond.consulting Open in urlscan Pro
2606:4700:10::ac43:484  Public Scan

32 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request UAC-bypass-dotnet.html Show response offsec.almond.consulting/	89 KB 18 KB	160ms 111ms	Document text/html	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8361143bc1c2bbaa2e4b53f345772b623d81eac8eaced1ce26aa6ff45c4f058 Request headers :method GET :authority offsec.almond.consulting :scheme https :path /UAC-bypass-dotnet.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 18 Sep 2020 15:18:14 GMT content-type text/html content-length 18404 set-cookie __cfduid=d40dcbf82730982fc2f5f0f42fb084ad51600442294; expires=Sun, 18-Oct-20 15:18:14 GMT; path=/; domain=.almond.consulting; HttpOnly; SameSite=Lax accept-ranges bytes vary Accept-Encoding content-encoding gzip cf-cache-status DYNAMIC cf-request-id 05436478700000c2e56c1c5200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5d4c09d3ee0fc2e5-FRA
GET H2	200	style.css offsec.almond.consulting/theme/themes/betheme/	350 B 315 B	69ms 66ms	Stylesheet text/css	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/style.css?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bac123fdbc8d79bc866b302f8f217a25b2d9ddc6d860003ff30f44c0a086afce Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d4af5ec2e5-FRA content-length 229 cf-request-id 05436478e60000c2e56c1c9200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	base.css offsec.almond.consulting/theme/themes/betheme/css/	55 KB 12 KB	70ms 68ms	Stylesheet text/css	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/css/base.css?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18433b35d426a2c89125da82bd52b3db442798c3ec4c01a972f9cd2cabcbc237 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d4af61c2e5-FRA content-length 12284 cf-request-id 05436478e60000c2e56c1ca200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	layout.css offsec.almond.consulting/theme/themes/betheme/css/	115 KB 20 KB	83ms 81ms	Stylesheet text/css	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/css/layout.css?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12171110937515802d6cad82a5ccd5533cdc768140465ffc8b674b7f6625ac87 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d4af63c2e5-FRA content-length 19915 cf-request-id 05436478e60000c2e56c1cb200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	shortcodes.css offsec.almond.consulting/theme/themes/betheme/css/	134 KB 22 KB	67ms 65ms	Stylesheet text/css	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/css/shortcodes.css?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a35e34d7ec8cfd9fb1acc84fe91341809d276bcd1533f60cb369e86c129553cf Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d4af65c2e5-FRA content-length 22367 cf-request-id 05436478e70000c2e56c1cc200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	animations.min.css offsec.almond.consulting/theme/themes/betheme/assets/animations/	57 KB 5 KB	65ms 63ms	Stylesheet text/css	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/assets/animations/animations.min.css?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e803d4290c5baec790ecde06d9308c6bf17f967c8232e3651844bfd60dd2a9f5 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d4af66c2e5-FRA content-length 5418 cf-request-id 05436478e70000c2e56c1cd200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	jplayer.blue.monday.css offsec.almond.consulting/theme/themes/betheme/assets/jplayer/css/	10 KB 2 KB	66ms 64ms	Stylesheet text/css	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 593998021e5710fcc6797244da4006389ea8a5c15dc3ce7a661685cb36638844 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d4af68c2e5-FRA content-length 2087 cf-request-id 05436478e70000c2e56c1ce200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	responsive.css offsec.almond.consulting/theme/themes/betheme/css/	55 KB 10 KB	73ms 72ms	Stylesheet text/css	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/css/responsive.css?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46a9b5d2ada3e977bf001f2df44e39da0eadd55d116a72d4c9329f0dad62e7aa Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d4af69c2e5-FRA content-length 10076 cf-request-id 05436478e70000c2e56c1cf200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	35ms 15ms	Stylesheet text/css	2a00:1450:4001:818::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bb162740e3b55387d7b41d3667b3489e5b28918a2e0e02882995c2ebbd49c068 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 18 Sep 2020 15:18:14 GMT server ESF date Fri, 18 Sep 2020 15:18:14 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 18 Sep 2020 15:18:14 GMT
GET H2	200	pygments.css offsec.almond.consulting/theme/css/	3 KB 488 B	76ms 74ms	Stylesheet text/css	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/css/pygments.css Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5127e3a9305391b65d9c17cba01a9f7cfb58a571bf7b0c7714b27b74ce2badb9 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d4af6ac2e5-FRA content-length 402 cf-request-id 05436478e70000c2e56c1d0200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	jquery.js Show response almond.consulting/wp-includes/js/jquery/	95 KB 33 KB	51ms 42ms	Script application/javascript	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://almond.consulting/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status HIT age 83102 cf-polished origSize=96873 status 200 cf-request-id 05436478f30000c2e56c1d1200000001 last-modified Fri, 17 May 2019 04:25:54 GMT server cloudflare etag W/"5cde37d2-17a69" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 5d4c09d4bf95c2e5-FRA cf-bgj minify
GET H2	200	jquery-migrate.min.js Show response almond.consulting/wp-includes/js/jquery/	10 KB 4 KB	27ms 18ms	Script application/javascript	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://almond.consulting/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 20 May 2016 06:11:28 GMT server cloudflare age 83102 status 200 etag W/"573eaa90-2748" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 5d4c09d4bf96c2e5-FRA cf-request-id 05436478f30000c2e56c1d2200000001
GET H2	200	Almond-logo-noir.png offsec.almond.consulting/theme/	6 KB 6 KB	71ms 68ms	Image image/png	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offsec.almond.consulting/theme/Almond-logo-noir.png Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d2309b81c3747a0e254469949da9945ef766e0dd85a55df72089d382efdec09 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548ebc2e5-FRA content-length 5940 cf-request-id 05436479500000c2e56c1e0200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	UAC-bypass-dotnet-01.png offsec.almond.consulting/images/UAC-bypass-dotnet/	122 KB 122 KB	143ms 140ms	Image image/png	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offsec.almond.consulting/images/UAC-bypass-dotnet/UAC-bypass-dotnet-01.png Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5907fdc184c85731a8010d2a98619d1c8c7a40585a12f6bcc2bf03b95c4294cf Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548ecc2e5-FRA content-length 124590 cf-request-id 05436479500000c2e56c1e1200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	UAC-bypass-dotnet-02.png offsec.almond.consulting/images/UAC-bypass-dotnet/	88 KB 88 KB	140ms 136ms	Image image/png	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offsec.almond.consulting/images/UAC-bypass-dotnet/UAC-bypass-dotnet-02.png Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76ecab113025d0f02cf406f0c081ff00b04143fd4a57a290536e666569c5dac8 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548edc2e5-FRA content-length 90265 cf-request-id 05436479500000c2e56c1e2200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	UAC-bypass-dotnet-03.png offsec.almond.consulting/images/UAC-bypass-dotnet/	154 KB 155 KB	146ms 143ms	Image image/png	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offsec.almond.consulting/images/UAC-bypass-dotnet/UAC-bypass-dotnet-03.png Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbf5979ea763eb93ca0ccf053444b2ca813618354048727e8952e3d894830a33 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548efc2e5-FRA content-length 158052 cf-request-id 05436479500000c2e56c1e3200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	UAC-bypass-dotnet-04.png offsec.almond.consulting/images/UAC-bypass-dotnet/	31 KB 31 KB	128ms 125ms	Image image/png	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offsec.almond.consulting/images/UAC-bypass-dotnet/UAC-bypass-dotnet-04.png Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8731f42d334f033b7742ca1a692741a9841d1cb929311cd3add8c11133aa9899 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548f0c2e5-FRA content-length 32014 cf-request-id 05436479500000c2e56c1e4200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	UAC-bypass-dotnet-05.png offsec.almond.consulting/images/UAC-bypass-dotnet/	50 KB 50 KB	151ms 148ms	Image image/png	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offsec.almond.consulting/images/UAC-bypass-dotnet/UAC-bypass-dotnet-05.png Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36dfa35cb6fad6790a77a18e1cb4a6a92aef12380be2b5e55ce5e7576960c0ba Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548f2c2e5-FRA content-length 51074 cf-request-id 05436479500000c2e56c1e5200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	UAC-bypass-dotnet-06.png offsec.almond.consulting/images/UAC-bypass-dotnet/	156 KB 156 KB	152ms 149ms	Image image/png	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offsec.almond.consulting/images/UAC-bypass-dotnet/UAC-bypass-dotnet-06.png Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 177956654dd261354dc903a072d3fd887b26e5a84c3cac6ce20fde97df009afa Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548f5c2e5-FRA content-length 159470 cf-request-id 05436479500000c2e56c1e6200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	UAC-bypass-dotnet-07.png offsec.almond.consulting/images/UAC-bypass-dotnet/	13 KB 13 KB	124ms 122ms	Image image/png	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offsec.almond.consulting/images/UAC-bypass-dotnet/UAC-bypass-dotnet-07.png Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0533038fb8d1924efbcf9ded30df7aa500b79ce5542d401fb098aacb74e99785 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548fcc2e5-FRA content-length 12845 cf-request-id 05436479500000c2e56c1e7200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	UAC-bypass-dotnet-08.png offsec.almond.consulting/images/UAC-bypass-dotnet/	29 KB 30 KB	128ms 126ms	Image image/png	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offsec.almond.consulting/images/UAC-bypass-dotnet/UAC-bypass-dotnet-08.png Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40778e66c19b99484bf187727e854059730a96961f6a93fe61234cab945f678d Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d54900c2e5-FRA content-length 30140 cf-request-id 05436479500000c2e56c1e8200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	UAC-bypass-dotnet-09.png offsec.almond.consulting/images/UAC-bypass-dotnet/	19 KB 19 KB	123ms 121ms	Image image/png	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offsec.almond.consulting/images/UAC-bypass-dotnet/UAC-bypass-dotnet-09.png Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fad9806a28a3dc43a2b38390cd45b8374e8e19a2f3275a0ab8ccfb066a2c5a1 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status MISS last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d54903c2e5-FRA content-length 19366 cf-request-id 05436479500000c2e56c1e9200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	jquery-ui.min.js Show response code.jquery.com/ui/1.12.1/	248 KB 66 KB	33ms 8ms	Script application/javascript	2001:4de0:ac19::1:b:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/jquery-ui.min.js Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip last-modified Wed, 14 Sep 2016 16:34:16 GMT server nginx status 200 etag W/"57d97c08-3dee4" vary Accept-Encoding x-hw 1600442294.dop165.fr8.t,1600442294.cds203.fr8.hn,1600442294.cds151.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 67751
GET H2	200	plugins.js Show response offsec.almond.consulting/theme/themes/betheme/js/	190 KB 52 KB	72ms 72ms	Script application/javascript	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/js/plugins.js?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fa6485c9703675e0ec1675558e3b9a02bb7b9d862f2680cf546f5656eee2203 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d528a0c2e5-FRA content-length 53201 cf-request-id 054364793b0000c2e56c1da200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	menu.js Show response offsec.almond.consulting/theme/themes/betheme/js/	2 KB 1014 B	79ms 74ms	Script application/javascript	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/js/menu.js?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c22005bbdf738de61a4c2ee99c2b3c4fe52f336dfc8aa274860c58c845027d50 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548e2c2e5-FRA content-length 826 cf-request-id 054364794f0000c2e56c1db200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	animations.min.js Show response offsec.almond.consulting/theme/themes/betheme/assets/animations/	2 KB 708 B	73ms 68ms	Script application/javascript	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/assets/animations/animations.min.js?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 602797e80613c3623325594e96463093c626554dff563622e8fbc3e795d283e0 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548e5c2e5-FRA content-length 622 cf-request-id 054364794f0000c2e56c1dc200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	jplayer.min.js Show response offsec.almond.consulting/theme/themes/betheme/assets/jplayer/	51 KB 13 KB	77ms 72ms	Script application/javascript	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c36a1d5b71cce2b22a63e9593f75c0170f2620ed7bbad0bc12739accd84d38ce Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548e7c2e5-FRA content-length 12713 cf-request-id 054364794f0000c2e56c1dd200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	translate3d.js Show response offsec.almond.consulting/theme/themes/betheme/js/parallax/	5 KB 2 KB	79ms 74ms	Script application/javascript	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/js/parallax/translate3d.js?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f25f13e58a8709b8aa0bd7ebaa2d8f17fdfe165c55ccb8b96d862fe8f8caa90f Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548e9c2e5-FRA content-length 1499 cf-request-id 054364794f0000c2e56c1de200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	scripts.js Show response offsec.almond.consulting/theme/themes/betheme/js/	68 KB 14 KB	87ms 83ms	Script application/javascript	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/js/scripts.js?ver=21.2.5 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/UAC-bypass-dotnet.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a10293a258541292c522058388a56eb1911d12b4fc66fd11de39d360d6755757 Request headers Referer https://offsec.almond.consulting/UAC-bypass-dotnet.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d548eac2e5-FRA content-length 14180 cf-request-id 054364794f0000c2e56c1df200000001 expires Fri, 18 Sep 2020 15:33:14 GMT
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2 fonts.gstatic.com/s/poppins/v13/	8 KB 8 KB	30ms 9ms	Font font/woff2	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://offsec.almond.consulting Referer https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Sep 2020 18:28:46 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:00 GMT server sffe age 247768 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7988 x-xss-protection 0 expires Wed, 15 Sep 2021 18:28:46 GMT
GET H2	200	pxiGyp8kv8JHgFVrJJLucHtAOvWDSA.woff2 fonts.gstatic.com/s/poppins/v13/	8 KB 9 KB	27ms 7ms	Font font/woff2	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v13/pxiGyp8kv8JHgFVrJJLucHtAOvWDSA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://offsec.almond.consulting Referer https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Sep 2020 18:40:09 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:21 GMT server sffe age 247085 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8656 x-xss-protection 0 expires Wed, 15 Sep 2021 18:40:09 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2 fonts.gstatic.com/s/poppins/v13/	8 KB 8 KB	26ms 6ms	Font font/woff2	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://offsec.almond.consulting Referer https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Sep 2020 18:24:56 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:13 GMT server sffe age 247998 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7832 x-xss-protection 0 expires Wed, 15 Sep 2021 18:24:56 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2 fonts.gstatic.com/s/poppins/v13/	8 KB 8 KB	31ms 12ms	Font font/woff2	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v13/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://offsec.almond.consulting Referer https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Sep 2020 18:28:52 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:01 GMT server sffe age 247762 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7900 x-xss-protection 0 expires Wed, 15 Sep 2021 18:28:52 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2 fonts.gstatic.com/s/poppins/v13/	8 KB 8 KB	28ms 11ms	Font font/woff2	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v13/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://offsec.almond.consulting Referer https://fonts.googleapis.com/css?family=Poppins%3A1%2C300%2C400%2C400italic%2C500%2C600%2C700%2C700italic&ver=5.2.3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Sep 2020 18:26:58 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:08:52 GMT server sffe age 247876 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7776 x-xss-protection 0 expires Wed, 15 Sep 2021 18:26:58 GMT
GET H2	200	mfn-icons.woff offsec.almond.consulting/theme/themes/betheme/fonts/	79 KB 79 KB	82ms 82ms	Font application/x-font-woff	2606:4700:10::ac43:484 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://offsec.almond.consulting/theme/themes/betheme/fonts/mfn-icons.woff?23791288 Requested by Host: offsec.almond.consulting URL: https://offsec.almond.consulting/theme/themes/betheme/css/base.css?ver=21.2.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:484 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a84501edf89d90c0baa41cd95dcc0528f6d63cc996929dabeb3f54a5d6b06e4 Request headers Origin https://offsec.almond.consulting Referer https://offsec.almond.consulting/theme/themes/betheme/css/base.css?ver=21.2.5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Sep 2020 15:18:14 GMT cf-cache-status EXPIRED last-modified Mon, 16 Mar 2020 15:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-font-woff status 200 cache-control max-age=1800 accept-ranges bytes cf-ray 5d4c09d5691ec2e5-FRA content-length 81192 cf-request-id 054364795c0000c2e56c1ee200000001

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes undefined| $ function| jQuery object| mfn function| EvEmitter function| imagesLoaded object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Isotope function| Masonry object| NiceScroll function| Waypoint function| animateElement function| randomClass function| animateOnce function| animateInfinite function| animateEnd string| triggerClasses object| classesArray number| classAmount object| jQuery1124020645088603694695 object| mfnSetup

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.almond.consulting/	1970-01-19 13:17:14	Name: __cfduid Value: d40dcbf82730982fc2f5f0f42fb084ad51600442294

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://almond.consulting/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

almond.consulting
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
offsec.almond.consulting
2001:4de0:ac19::1:b:1a
2606:4700:10::ac43:484
2a00:1450:4001:818::200a
2a00:1450:4001:825::2003
0533038fb8d1924efbcf9ded30df7aa500b79ce5542d401fb098aacb74e99785
12171110937515802d6cad82a5ccd5533cdc768140465ffc8b674b7f6625ac87
177956654dd261354dc903a072d3fd887b26e5a84c3cac6ce20fde97df009afa
18433b35d426a2c89125da82bd52b3db442798c3ec4c01a972f9cd2cabcbc237
2a84501edf89d90c0baa41cd95dcc0528f6d63cc996929dabeb3f54a5d6b06e4
2d2309b81c3747a0e254469949da9945ef766e0dd85a55df72089d382efdec09
36dfa35cb6fad6790a77a18e1cb4a6a92aef12380be2b5e55ce5e7576960c0ba
40778e66c19b99484bf187727e854059730a96961f6a93fe61234cab945f678d
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
46a9b5d2ada3e977bf001f2df44e39da0eadd55d116a72d4c9329f0dad62e7aa
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5127e3a9305391b65d9c17cba01a9f7cfb58a571bf7b0c7714b27b74ce2badb9
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5907fdc184c85731a8010d2a98619d1c8c7a40585a12f6bcc2bf03b95c4294cf
593998021e5710fcc6797244da4006389ea8a5c15dc3ce7a661685cb36638844
602797e80613c3623325594e96463093c626554dff563622e8fbc3e795d283e0
76ecab113025d0f02cf406f0c081ff00b04143fd4a57a290536e666569c5dac8
8731f42d334f033b7742ca1a692741a9841d1cb929311cd3add8c11133aa9899
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8fad9806a28a3dc43a2b38390cd45b8374e8e19a2f3275a0ab8ccfb066a2c5a1
9fa6485c9703675e0ec1675558e3b9a02bb7b9d862f2680cf546f5656eee2203
a10293a258541292c522058388a56eb1911d12b4fc66fd11de39d360d6755757
a35e34d7ec8cfd9fb1acc84fe91341809d276bcd1533f60cb369e86c129553cf
a8361143bc1c2bbaa2e4b53f345772b623d81eac8eaced1ce26aa6ff45c4f058
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bac123fdbc8d79bc866b302f8f217a25b2d9ddc6d860003ff30f44c0a086afce
bb162740e3b55387d7b41d3667b3489e5b28918a2e0e02882995c2ebbd49c068
c22005bbdf738de61a4c2ee99c2b3c4fe52f336dfc8aa274860c58c845027d50
c36a1d5b71cce2b22a63e9593f75c0170f2620ed7bbad0bc12739accd84d38ce
cbf5979ea763eb93ca0ccf053444b2ca813618354048727e8952e3d894830a33
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
e803d4290c5baec790ecde06d9308c6bf17f967c8232e3651844bfd60dd2a9f5
f25f13e58a8709b8aa0bd7ebaa2d8f17fdfe165c55ccb8b96d862fe8f8caa90f
f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5