URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_...
Submission: On May 21 via api from US

Summary

This website contacted 37 IPs in 5 countries across 31 domains to perform 221 HTTP transactions. The main IP is 2606:4700:3036::ac43:c75c, located in United States and belongs to CLOUDFLARENET, US. The main domain is mrhacker.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.
This is the only time mrhacker.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
41 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
30 2606:2800:234... 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 199.232.196.134 54113 (FASTLY)
19 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
22 2600:9000:211... 16509 (AMAZON-02)
8 151.101.0.134 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
5 104.244.42.200 13414 (TWITTER)
12 85.10.201.130 24940 (HETZNER-AS)
5 151.101.112.64 54113 (FASTLY)
2 151.101.14.49 54113 (FASTLY)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2606:2800:134... 15133 (EDGECAST)
3 4 185.33.221.53 29990 (ASN-APPNEX)
3 104.244.43.131 54113 (FASTLY)
2 3 13.32.25.30 16509 (AMAZON-02)
4 7 35.244.174.68 15169 (GOOGLE)
2 2 172.217.18.98 15169 (GOOGLE)
1 2 54.170.163.171 16509 (AMAZON-02)
2 2 193.0.160.128 54312 (ROCKETFUEL)
2 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
221 37
Apex Domain
Subdomains
Transfer
41 mrhacker.co
mrhacker.co
575 KB
35 twitter.com
platform.twitter.com
syndication.twitter.com
689 KB
24 disquscdn.com
c.disquscdn.com
a.disquscdn.com
857 KB
19 adsxyz.com
adsxyz.com
18 KB
18 disqus.com
mrhackerco.disqus.com
disqus.com
tempest.services.disqus.com
referrer.disqus.com
links.services.disqus.com
glitter.services.disqus.com
108 KB
12 a-ads.com
ad.a-ads.com
static.a-ads.com
460 KB
11 twimg.com
cdn.syndication.twimg.com
abs-0.twimg.com
pbs.twimg.com
273 KB
8 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
158 KB
7 rlcdn.com
ejp.rlcdn.com
idsync.rlcdn.com
2 KB
7 null88.com
null88.com
4 KB
7 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
5 KB
5 google.com
adservice.google.com
apis.google.com
accounts.google.com
40 KB
5 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
105 KB
4 adnxs.com
ib.adnxs.com
4 KB
3 rezync.com
live.rezync.com
3 KB
3 google-analytics.com
www.google-analytics.com
38 KB
2 criteo.com
gum.criteo.com
743 B
2 rfihub.com
p.rfihub.com
2 KB
2 narrative.io
io.narrative.io
826 B
2 viglink.com
cdn.viglink.com
593 B
2 facebook.net
connect.facebook.net
66 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com
83 KB
2 googleapis.com
fonts.googleapis.com
2 KB
1 facebook.com
www.facebook.com
1 cloudflare.com
cdnjs.cloudflare.com
26 KB
1 googletagservices.com
www.googletagservices.com
27 KB
1 google.de
adservice.google.de
698 B
1 googleadservices.com
partner.googleadservices.com
640 B
1 gravatar.com
secure.gravatar.com
3 KB
1 googletagmanager.com
www.googletagmanager.com
35 KB
0 thehacker.co Failed
thehacker.co Failed
221 31
Domain Requested by
41 mrhacker.co mrhacker.co
adsxyz.com
30 platform.twitter.com mrhacker.co
platform.twitter.com
22 c.disquscdn.com mrhackerco.disqus.com
disqus.com
c.disquscdn.com
tempest.services.disqus.com
mrhacker.co
19 adsxyz.com mrhacker.co
adsxyz.com
8 disqus.com mrhackerco.disqus.com
c.disquscdn.com
7 ad.a-ads.com null88.com
7 null88.com adsxyz.com
6 pbs.twimg.com mrhacker.co
platform.twitter.com
6 pagead2.googlesyndication.com mrhacker.co
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 idsync.rlcdn.com 2 redirects c.disquscdn.com
live.rezync.com
5 static.a-ads.com ad.a-ads.com
5 syndication.twitter.com platform.twitter.com
mrhacker.co
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 ib.adnxs.com 3 redirects c.disquscdn.com
4 fonts.gstatic.com fonts.googleapis.com
3 live.rezync.com 2 redirects c.disquscdn.com
3 abs-0.twimg.com mrhacker.co
3 links.services.disqus.com c.disquscdn.com
mrhacker.co
3 referrer.disqus.com mrhacker.co
3 www.google-analytics.com www.googletagmanager.com
mrhacker.co
adsxyz.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 gum.criteo.com 2 redirects
2 p.rfihub.com 2 redirects
2 io.narrative.io 1 redirects mrhacker.co
2 cm.g.doubleclick.net 2 redirects
2 ejp.rlcdn.com 2 redirects
2 cdn.syndication.twimg.com platform.twitter.com
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 cdn.viglink.com mrhacker.co
2 apis.google.com c.disquscdn.com
apis.google.com
2 connect.facebook.net c.disquscdn.com
connect.facebook.net
2 a.disquscdn.com mrhacker.co
c.disquscdn.com
2 mrhackerco.disqus.com mrhacker.co
mrhackerco.disqus.com
2 netdna.bootstrapcdn.com mrhacker.co
netdna.bootstrapcdn.com
2 fonts.googleapis.com mrhacker.co
1 glitter.services.disqus.com c.disquscdn.com
1 ssl.gstatic.com accounts.google.com
1 www.facebook.com c.disquscdn.com
1 tempest.services.disqus.com c.disquscdn.com
1 cdnjs.cloudflare.com adsxyz.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 secure.gravatar.com mrhacker.co
1 www.googletagmanager.com mrhacker.co
0 thehacker.co Failed adsxyz.com
221 47
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-16 -
2021-08-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-11-16
2 years crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
*.google.com
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA
2020-04-20 -
2022-05-09
2 years crt.sh
*.googleadservices.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
a.disquscdn.com
Amazon
2020-11-30 -
2021-12-29
a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA
2020-12-02 -
2022-01-02
a year crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-26 -
2022-05-28
a year crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-04-06 -
2021-07-03
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
ssl418259.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2021-04-06 -
2021-10-13
6 months crt.sh
accounts.google.com
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.rezync.com
Amazon
2021-01-26 -
2022-02-23
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.narrative.io
Amazon
2021-04-07 -
2022-05-06
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh

This page contains 54 frames:

Primary Page: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Frame ID: DB22EE9D08DE6C0D08C3D6D156F437CF
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: 9E096BF93DEB8DA53839D621D2D5E0B6
Requests: 1 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/linklite/300x250.html
Frame ID: 46641D8CCA54893A0888DEC9AA1B7B31
Requests: 2 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/network/index.html
Frame ID: 97F22B945686816B6FC401E68E99D03D
Requests: 6 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/linklite/300x100.html
Frame ID: D1F71F1207F1E0023D986A34B7A700EC
Requests: 2 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/linklite/728x90.html
Frame ID: B365FD075496FE5F4697DD795C43D533
Requests: 2 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/linklite/300x250.html
Frame ID: DDBA7845AAF17741FF9C4A60E713F95A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1621603198&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197862&bpp=4&bdt=257&idt=352&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=444747564525&frm=20&pv=2&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385
Frame ID: 73DF012020DE93135AC704774684554B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=200&slotname=8044118461&adk=705472006&adf=3520915286&pi=t.ma~as.8044118461&w=1021&fwrn=4&lmt=1621603198&rafmt=11&psa=0&format=1021x200&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197901&bpp=4&bdt=296&idt=394&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=444747564525&frm=20&pv=2&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gLUxKtV8xB&p=https%3A//mrhacker.co&dtd=403
Frame ID: 85DE769553865FEB16B69010412FA82B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fmrhacker.co
Frame ID: 519B148536E37A63AEB84CF96D066D2D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=200&slotname=5536279749&adk=952393648&adf=4004256050&pi=t.ma~as.5536279749&w=1021&fwrn=4&lmt=1621603198&rafmt=11&psa=0&format=1021x200&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197905&bpp=25&bdt=300&idt=501&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1021x200&nras=1&correlator=444747564525&frm=20&pv=1&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=1851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yUQu7KgmUz&p=https%3A//mrhacker.co&dtd=527
Frame ID: 4CCC4202FE9475696FC7E6FF88DCF68A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=200&slotname=5536279749&adk=3883167614&adf=466642414&pi=t.ma~as.5536279749&w=1021&fwrn=4&lmt=1621603198&rafmt=11&psa=0&format=1021x200&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197976&bpp=2&bdt=371&idt=498&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1021x200%2C1021x200&nras=1&correlator=444747564525&frm=20&pv=1&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=2667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4TOH6Z8Pdc&p=https%3A//mrhacker.co&dtd=503
Frame ID: EB14A006C05A709B6E1670D5100BBE8C
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
Frame ID: 0604052A81EE8864E55EBDF9E5AA8FFC
Requests: 20 HTTP requests in this frame

Frame: https://mrhacker.co/banner/aads_300x250.html
Frame ID: 68DBD1A8D2F2D68BF3C80A82059489E3
Requests: 1 HTTP requests in this frame

Frame: https://null88.com/banner/aads_300x250.html
Frame ID: 7359382F4FDB6CB5E0627B6883ECF2E0
Requests: 1 HTTP requests in this frame

Frame: https://thehacker.co/banner/aads_300x250.html
Frame ID: F98DD73F15CC908574B643BB02E2D561
Requests: 1 HTTP requests in this frame

Frame: https://mrhacker.co/banner/aads_300x250.html
Frame ID: 17D3DE3CD6A79914635B938A797D8487
Requests: 1 HTTP requests in this frame

Frame: https://null88.com/banner/aads_300x250.html
Frame ID: 80F40D646CAE960344E6175A7D31329A
Requests: 1 HTTP requests in this frame

Frame: https://thehacker.co/banner/aads_300x250.html
Frame ID: 364BB70E36051CF608F8C235F90F9014
Requests: 1 HTTP requests in this frame

Frame: https://mrhacker.co/banner/aads_320x50.html
Frame ID: 3882C4D375DE26130646AB93D22E9614
Requests: 1 HTTP requests in this frame

Frame: https://null88.com/banner/aads_320x50.html
Frame ID: 4CA9461F5DE989ACEC8DE0A11330CA7C
Requests: 1 HTTP requests in this frame

Frame: https://thehacker.co/banner/aads_320x50.html
Frame ID: 58D020D18F6780AFEA8A3B9FF9B80541
Requests: 1 HTTP requests in this frame

Frame: https://mrhacker.co/banner/aads_728x90.html
Frame ID: F91E1AC436DBD95D53B3611F3054C39E
Requests: 1 HTTP requests in this frame

Frame: https://null88.com/banner/aads_728x90.html
Frame ID: F72F560B5BA44DA2340C780F1660DF46
Requests: 1 HTTP requests in this frame

Frame: https://thehacker.co/banner/aads_728x90.html
Frame ID: D4A88F68F9BA920866C4D2555AE49257
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS
Frame ID: 3B6F85A09A0DC31B51D51AEB99B6F446
Requests: 12 HTTP requests in this frame

Frame: https://ad.a-ads.com/1331410?size=300x250
Frame ID: DB42C37F3A5AB11DA8D06E634371AD45
Requests: 2 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=mrhackerco&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%231d6fb7&colorScheme=light&sourceUrl=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&disqus_version=f39a31f
Frame ID: 9D057545134DDC0D1640831F97E4FF5C
Requests: 3 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: D421D269FF7418FE5B58BE067667A4FD
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 7AF5918416D1F8C131E9FC945F3B7A25
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Frame ID: D96191EA535E481A5150BBD249D16314
Requests: 20 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Frame ID: C9F21DDD9CB9DBF3295B23FE3960BF91
Requests: 22 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: EA7A54E22A8C97554666468A1EB4110C
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1331413?size=728x90
Frame ID: 6586668B5F60805BC3C6DC5737616BBC
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1331410?size=300x250
Frame ID: 0C19ECE0CF81DD5CD894D6D866ACE880
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1331411?size=320x50
Frame ID: 33B69215C6C02E44045DCF87C2A2B6DD
Requests: 2 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1eb50di1ifa2tq&pctry=AT&referrer=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906
Frame ID: 56D5884337AB26ED4C078AF428BECC72
Requests: 3 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPzfMQGJgNGGenDZRcjw3h4&google_cver=1
Frame ID: E51340CA8FF203123C259DCC36DBAE0C
Requests: 1 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/linklite/300x100.html
Frame ID: F752649D903DD30FB81EBF04C9DBBA4D
Requests: 2 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/linklite/728x90.html
Frame ID: F9C8835166DE2861F26038EC2ACD2398
Requests: 2 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/linklite/300x250.html
Frame ID: 3B920624D5F055C89EA7AB97FDD11AD1
Requests: 2 HTTP requests in this frame

Frame: https://mrhacker.co/banner/aads_320x50.html
Frame ID: D12C014B273B1E3DB3DC6AD863870AEB
Requests: 1 HTTP requests in this frame

Frame: https://null88.com/banner/aads_320x50.html
Frame ID: 35C2D016D8A91E42118F70877CF954C0
Requests: 1 HTTP requests in this frame

Frame: https://thehacker.co/banner/aads_320x50.html
Frame ID: 2A7232FB1968080480A4151E60AE382F
Requests: 1 HTTP requests in this frame

Frame: https://mrhacker.co/banner/aads_728x90.html
Frame ID: C6F664003EA45F7ABB1808967FA89851
Requests: 1 HTTP requests in this frame

Frame: https://null88.com/banner/aads_728x90.html
Frame ID: 399B80262E8A134F85677294C9F2A0D7
Requests: 1 HTTP requests in this frame

Frame: https://thehacker.co/banner/aads_728x90.html
Frame ID: 639A0DF21A279258AD46B801492E60A7
Requests: 1 HTTP requests in this frame

Frame: https://mrhacker.co/banner/aads_300x250.html
Frame ID: 06E7D4B6B4D7B9F00C5B24B2E47C8B71
Requests: 1 HTTP requests in this frame

Frame: https://null88.com/banner/aads_300x250.html
Frame ID: 67D5DFA9B26868C0E548CDD624996CD9
Requests: 1 HTTP requests in this frame

Frame: https://thehacker.co/banner/aads_300x250.html
Frame ID: 387C4AE64B490D2CAF93D1CA1D268D13
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3AA868DC208F31DB5B9A12F0823ECC6C
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1331411?size=320x50
Frame ID: F1DCA89297EF17217AD114CA966955B6
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1331413?size=728x90
Frame ID: E0A0B141AAEEDD98E0E65F90DABBFD57
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1331410?size=300x250
Frame ID: EAEF2F6C90FD17A7855726AD096002D2
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

221
Requests

97 %
HTTPS

64 %
IPv6

31
Domains

47
Subdomains

37
IPs

5
Countries

3578 kB
Transfer

7502 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 194
  • https://ejp.rlcdn.com/501709.html HTTP 307
  • https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCIDnnoUGEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPzfMQGJgNGGenDZRcjw3h4&google_cver=1
Request Chain 195
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac1eb50di1ifa2tq&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=3efb3430-ba37-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac1eb50di1ifa2tq&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis
Request Chain 197
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=7203524076022560153 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=831265fb-859f-4cf6-82ff-a4f8d02e369e%3A1621603200.73&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc1eb50di1ifa2tq HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c1eb50di1ifa2tq HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7203524076022560153
Request Chain 198
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=831265fb-859f-4cf6-82ff-a4f8d02e369e%3A1621603200.73&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871597495260606863 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c1eb50di1ifa2tq HTTP 307
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=j6HUE7_z9ivdpMyD3ro4TJKO5hOxc8rZ

221 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis
mrhacker.co/vulnerabilities/
107 KB
19 KB
Document
General
Full URL
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e266ee79702331906d5cf3925aca935801736d96f27d5226b008f24ba87009e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-cf-powered-by
WP Rocket 3.3
link
<https://mrhacker.co/wp-json/>; rel="https://api.w.org/" <https://mrhacker.co/?p=49739>; rel=shortlink
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae368000001776bc228000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AOoEzMRcP4qZmuQsua22zPeRLxw%2BqEJIaBq60pP9epL59oJY5HHQaFS2WJxhei8wupxOGtOQQ0v23LUo0xPzO%2BxAf3WkiseD0PUF%2BZuZZyghgkNQtaltwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e196a6d501776-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
132 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47950
x-xss-protection
0
server
cafe
etag
4501822382306722350
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 May 2021 13:19:57 GMT
style.min.css
mrhacker.co/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
https://mrhacker.co/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
631253
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3aba00004e07cd087000000001
last-modified
Sun, 17 Nov 2019 06:06:56 GMT
server
cloudflare
etag
W/"5dd0e380-a1fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G2YdznkdJZvmM337OFdUOaY%2BaPUF5jnkzGpjK7SWmWRvjbYAIezGcJKemEVRTETpNR%2FbEChAe2KQcMbKYCasVu5mclP7NjTT1AdKCv5BVZBqI6q40ST5ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19712e6d4e07-FRA
expires
Sun, 13 Jun 2021 05:59:04 GMT
style.css
mrhacker.co/wp-content/plugins/monarch/css/
113 KB
12 KB
Stylesheet
General
Full URL
https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

Request headers

:path
/wp-content/plugins/monarch/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
658
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3aba00004e074e977000000001
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-1c56d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cprfLh73swGMcgBobGqH6%2BYJJP%2BPqZ6oHdyHVuPGIzhWiTSFqBMLlo9BYLrzqT76toACEIJwx%2F7o9z%2Fi%2BjVdZ0LTPjUozCWXYr1vMvOsBoaKNinDsz1NQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19712e6f4e07-FRA
expires
Sun, 20 Jun 2021 13:08:59 GMT
css
fonts.googleapis.com/
4 KB
740 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 21 May 2021 11:20:19 GMT
server
ESF
date
Fri, 21 May 2021 13:19:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 May 2021 13:19:57 GMT
reset.css
mrhacker.co/wp-content/themes/flex-mag/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/css/reset.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758

Request headers

:path
/wp-content/themes/flex-mag/css/reset.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73609
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3aba00004e07f4129000000001
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-434"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=344Un4%2F24LSdtvCTMNya4nv50ulDx%2B6LE69O4Dsk6QbbIT5avBlvRkYVFPwM92qCXNGliY8P8WAnV2MwazgG7QEACEXBgKh6X7pZOH1g3LIzQdK6geRipg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19712e704e07-FRA
expires
Sat, 19 Jun 2021 16:53:08 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/
37 KB
7 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 718
age
5155226
cdn-cachedat
2021-03-11 11:58:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3ab30000176e05118000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5c0f97ed0897d2e0f6db61e10b8f57df
cf-ray
652e19711e3c176e-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
style.css
mrhacker.co/wp-content/themes/flex-mag/
92 KB
15 KB
Stylesheet
General
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/style.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51efcb98223b7a4f4e1553657b36fd2322014e2c60e3e015c8b8221f8622b31a

Request headers

:path
/wp-content/themes/flex-mag/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73609
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3abb00004e07de989000000001
last-modified
Sat, 10 Aug 2019 13:18:30 GMT
server
cloudflare
etag
W/"5d4ec426-170e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZIVrHmsl%2B3uo5PTkwSKmVtzvimXNmEbb%2FSn7bvyCwvBkWd44yKlCMAUdkkzkPrnZIkycti0pGr7RucXYPns6qnAfbfjqBbI1kMaIB6APgBJokyvn%2FwxaMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19712e744e07-FRA
expires
Sat, 19 Jun 2021 16:53:08 GMT
css
fonts.googleapis.com/
33 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
399f4c281a2defa4e1b77f494f9af7d72813dbd69376f480dde8a1ae6ecc6a67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 21 May 2021 13:19:57 GMT
server
ESF
date
Fri, 21 May 2021 13:19:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 May 2021 13:19:57 GMT
style-sports.css
mrhacker.co/wp-content/themes/flex-mag/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/css/style-sports.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1b8da1dada254a423ac3fb0b3bf4b0dd8ffd3b6aad429bdc5aef431d3de557

Request headers

:path
/wp-content/themes/flex-mag/css/style-sports.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73609
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3abb00004e0700afd000000001
last-modified
Sun, 18 Aug 2019 15:31:52 GMT
server
cloudflare
etag
W/"5d596f68-ed5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1x8M6C1VijyNMWDYo0rOacJktlUf6LF1AarlU1mmQw1Wq%2Fqih7iwi9w%2B7Nih4um1KaWg11He8%2F6PGEkDauohq2BqATJqtfOVHYd1U2zIHRpBrD%2FPaa%2Bzhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19712e764e07-FRA
expires
Sat, 19 Jun 2021 16:53:08 GMT
media-queries.css
mrhacker.co/wp-content/themes/flex-mag/css/
91 KB
9 KB
Stylesheet
General
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/css/media-queries.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d

Request headers

:path
/wp-content/themes/flex-mag/css/media-queries.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73609
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3abc00004e070f2b6000000001
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-16af9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t4XkI2VFNh6Wfhh0etR68fFd%2BoPee3pgCWXY5ocZ5Ixh6lWJJTRZbNE4cNBK1HmUYvRyOKARs7EX1SQzKdDO4PfAXUJbRQYR8TiEOKYugn3PEXnWuPjdDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19712e774e07-FRA
expires
Sat, 19 Jun 2021 16:53:08 GMT
jquery.fancybox.min.css
mrhacker.co/wp-content/plugins/easy-fancybox/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

:path
/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
631253
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3abc00004e0711a75000000001
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-fda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tr78zVfDx55xiF8ca%2BYEJHbeEbEFpSHpguf4RzSVwyoEQYuOBdkZnln%2B%2B0sHPo%2F0I3%2BYCBXrm3%2BHnweuAUwm7bwc4hLYpDNlzthb2qUkhj6YmUX%2FfCeCPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19712e694e07-FRA
expires
Sun, 13 Jun 2021 05:59:04 GMT
jquery.js
mrhacker.co/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://mrhacker.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2695
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3aba00004e0714841000000001
last-modified
Fri, 17 May 2019 10:08:54 GMT
server
cloudflare
etag
W/"5cde8836-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1V7HdqIKU8j%2B2By7BU5%2FRqeCTZE%2F3TV3RY3wfxe0gCNCd2IKIdFAHHGsuNTg2T3TVl3h6pPlnf%2B1TVp1ix9yv9u3kswZ3Q0O4nLs60WbyhGyNwwVfk3P1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19712e724e07-FRA
expires
Sun, 20 Jun 2021 12:35:02 GMT
jquery-migrate.min.js
mrhacker.co/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://mrhacker.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73609
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3ab900004e07ee85c000000001
last-modified
Thu, 19 May 2016 23:11:28 GMT
server
cloudflare
etag
W/"573e4820-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pVHZo16voLPL3Dp3E3D1FUYY0yWvZh4HNmP58x4i5E%2FqUDCo4vUJcO3IFz1ImCWwr8IUZ0Q1ED4ig%2BRQsrVL1FitgZDaq%2BdfxE4P3B12BcS68D9%2FdYefGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19712e6b4e07-FRA
expires
Sat, 19 Jun 2021 16:53:08 GMT
js
www.googletagmanager.com/gtag/
88 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146590598-1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af41dbc4e562110814632b039b6441559294bda49ba486114c264b9cdc2ac937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35700
x-xss-protection
0
last-modified
Fri, 21 May 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 May 2021 13:19:57 GMT
logo-7.png
mrhacker.co/wp-content/uploads/2019/08/
59 KB
60 KB
Image
General
Full URL
https://mrhacker.co/wp-content/uploads/2019/08/logo-7.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f493c9cdcc3bd4b86124a98a6da5f57a04d38a46fc748116bb744064b001532b

Request headers

:path
/wp-content/uploads/2019/08/logo-7.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
631253
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60307
cf-request-id
0a30ae3b0300004e073b1d9000000001
last-modified
Wed, 21 Aug 2019 17:52:56 GMT
server
cloudflare
etag
"5d5d84f8-eb93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b11ofSnhcd3fp%2F4dep7Bw8EGUn4ASuCoigWChxvQVC4TYjT7vcKOgkdVM9kCSTJZBZ9roqnbMz5A8SSLG6qyYmg151oXA%2Fq6at3oSZ9bkx09rvRYjzOEBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
652e19719f9d4e07-FRA
expires
Sun, 13 Jun 2021 05:59:04 GMT
3ce722f11a748f0a8912ddbf696f7c6f
secure.gravatar.com/avatar/
2 KB
3 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/3ce722f11a748f0a8912ddbf696f7c6f?s=50&d=mm&r=g
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a7733d7cdf5627664c2672c9101d56d3c6e7f5351fe10353a25dea90eb3fd2ca

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 21 May 2021 13:19:57 GMT
last-modified
Sun, 26 May 2019 07:53:07 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="3ce722f11a748f0a8912ddbf696f7c6f.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/3ce722f11a748f0a8912ddbf696f7c6f?s=50&d=mm&r=g>; rel="canonical"
content-length
2298
expires
Fri, 21 May 2021 13:24:57 GMT
microsoftsecurity.jpg
mrhacker.co/wp-content/uploads/2021/05/
44 KB
44 KB
Image
General
Full URL
https://mrhacker.co/wp-content/uploads/2021/05/microsoftsecurity.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e469f62fcee473e6b944a3c83d212c10e8cf481f42748587121061f561a8d00

Request headers

:path
/wp-content/uploads/2021/05/microsoftsecurity.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
657
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44843
cf-request-id
0a30ae3b0300004e07432d5000000001
last-modified
Thu, 20 May 2021 23:53:29 GMT
server
cloudflare
etag
"60a6f679-af2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hrB5PfkCTJ4%2BYEApSgkelg%2FA4XfOKaeCkFtOFQNOaf5iULVsKc%2Bldc11%2BfN%2FHRfRm0yggUaoEZ250E%2FdWOlRVTwy3vqVphkfHi8yqiJDV9ONP2LpaMEPzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
652e19719f9f4e07-FRA
expires
Sun, 20 Jun 2021 13:09:00 GMT
email-decode.min.js
mrhacker.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://mrhacker.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
0a30ae3ae600004e07e39d4000000001
last-modified
Wed, 19 May 2021 09:21:20 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60a4d890-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BfV%2FwSTqfkUttfjGnw1IJU9gqDFkGvGQ7Mta3zLZu2l0mJxV1V1yNAN4brsCM%2FcBKVc7t373cjY9Q04tuxlWfN4gOu%2FPwC4Ne5tZln90nLEuvXs9RvFWxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
652e19716f234e07-FRA
expires
Sun, 23 May 2021 13:19:57 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/67E2)
Age
691
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://mrhacker.co
Referer
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617
age
627769
cdn-cachedat
2021-05-14 06:15:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
cf-request-id
0a30ae3b130000d7112e873000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
067eb08a39f1dc8d2b0ba225105ade90
accept-ranges
bytes
cf-ray
652e1971bd45d711-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://mrhacker.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:31:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
229701
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 18 May 2022 21:31:36 GMT
mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://mrhacker.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:38:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:56 GMT
server
sffe
age
229285
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15188
x-xss-protection
0
expires
Wed, 18 May 2022 21:38:32 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://mrhacker.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
229671
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 18 May 2022 21:32:06 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/
231 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87252
x-xss-protection
0
server
cafe
etag
5322897297824761394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 21 May 2021 13:19:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame 9E09
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210517/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 20 May 2021 22:33:52 GMT
expires
Thu, 03 Jun 2021 22:33:52 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
53165
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
uk-recruitment-firm-exposed-sensitive-applicant-data-2.jpg
mrhacker.co/wp-content/uploads/2021/05/
65 KB
65 KB
Image
General
Full URL
https://mrhacker.co/wp-content/uploads/2021/05/uk-recruitment-firm-exposed-sensitive-applicant-data-2.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d1cd847d14b321ef7202052128ad6491b05518a2830abc0f0927f9f81a0ee8

Request headers

:path
/wp-content/uploads/2021/05/uk-recruitment-firm-exposed-sensitive-applicant-data-2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
24160
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66343
cf-request-id
0a30ae3c0000004e074687d000000001
last-modified
Thu, 20 May 2021 21:53:43 GMT
server
cloudflare
etag
"60a6da67-10327"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f6hGRUvq1EITTfCg9uPcmwx0JvIuJoWWFc%2BYMboFPXdOS3sYX4JSsBSFwjxZfH9%2F%2FytndQBvHRI8ejxc2mfWpuP1rLuYP5tL26aGZRmxfm7RLPcu0gU8Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
652e19732b154e07-FRA
expires
Sun, 20 Jun 2021 06:37:17 GMT
data-of-100-million-android-users-exposed-1.jpg
mrhacker.co/wp-content/uploads/2021/05/
41 KB
42 KB
Image
General
Full URL
https://mrhacker.co/wp-content/uploads/2021/05/data-of-100-million-android-users-exposed-1.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a89cc296752a1ce335a801d1bfdcea7c48247dc0e9045e14026939d6d649032

Request headers

:path
/wp-content/uploads/2021/05/data-of-100-million-android-users-exposed-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
31347
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41915
cf-request-id
0a30ae3bff00004e073d93a000000001
last-modified
Thu, 20 May 2021 21:53:27 GMT
server
cloudflare
etag
"60a6da57-a3bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IdRglJV3PLrw5uI9xZMxfETurQevfhZMQOjWoQw%2F8XHRB6aDLVcL94T9WrvrxBIcvbqU89In%2FwWKd9HsGSLi3rJ2qKv5OJL2KgNz2rBJD6CFm8eijRSbhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
652e19733b1b4e07-FRA
expires
Sun, 20 Jun 2021 04:37:30 GMT
water-plant.jpg
mrhacker.co/wp-content/uploads/2021/05/
70 KB
71 KB
Image
General
Full URL
https://mrhacker.co/wp-content/uploads/2021/05/water-plant.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eff375bcaf5be11fa1dc1a790adf44eaebb863577195fc88707ae50ed9da26c3

Request headers

:path
/wp-content/uploads/2021/05/water-plant.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
59885
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71945
cf-request-id
0a30ae3c0000004e0719b2f000000001
last-modified
Thu, 20 May 2021 19:53:28 GMT
server
cloudflare
etag
"60a6be38-11909"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p1rnX4nABXihuPJagWMQRS6Iix%2F02ABjlV3BakoYiikDvJ0JOtyHY%2BEcDdM6C1tLymR4tPvW2U3bBcbmmRfRwWok0MqdHp7oSGsog1kBvFqeaULSNz2CZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
652e19733b1e4e07-FRA
expires
Sat, 19 Jun 2021 20:41:52 GMT
android.jpg
mrhacker.co/wp-content/uploads/2021/05/
20 KB
21 KB
Image
General
Full URL
https://mrhacker.co/wp-content/uploads/2021/05/android.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba2cea0dfdf4ca120822280b0a8c53179eb36cce15b9a17069bda2e3d82cdd3

Request headers

:path
/wp-content/uploads/2021/05/android.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
57101
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20485
cf-request-id
0a30ae3c0700004e07de9a4000000001
last-modified
Thu, 20 May 2021 19:54:12 GMT
server
cloudflare
etag
"60a6be64-5005"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yKz6YiUvGOrkaZLsOyDEVoYn4K84Mb%2BUWQIjky%2F3PdSjngffz6tb9WL7NImNWuBdE9ujw5WiMyqgvA5kWnpjZfyhiN40DQRF0VWu5ghJdkkYXmZ2Ayb9Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
652e19733b454e07-FRA
expires
Sat, 19 Jun 2021 21:28:16 GMT
why-web-application-security-is-important.jpg
mrhacker.co/wp-content/uploads/2021/05/
65 KB
65 KB
Image
General
Full URL
https://mrhacker.co/wp-content/uploads/2021/05/why-web-application-security-is-important.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23447fb0d238c3cd29ee8eae3e95bcf257f7206216902e063c38f9392729446f

Request headers

:path
/wp-content/uploads/2021/05/why-web-application-security-is-important.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
112602
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66414
cf-request-id
0a30ae3c0700004e073b1ed000000001
last-modified
Thu, 20 May 2021 03:55:07 GMT
server
cloudflare
etag
"60a5dd9b-1036e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MXFFCGGJwGEnPgdJffJLfg2bbekL2QyciU9ktNX1T9Cyv432NM3xH8%2BHqp0ZIflMz34xAazqS%2Fx9sYye8bpdidytuEyelP54S9%2FKS1I5PdqtRFmo2gARng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
652e19733b4b4e07-FRA
expires
Sat, 19 Jun 2021 06:03:15 GMT
logo.png
mrhacker.co/wp-content/uploads/2019/08/
11 KB
12 KB
Image
General
Full URL
https://mrhacker.co/wp-content/uploads/2019/08/logo.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
090b57d2ba8067994e94dadb6fea5c934c4bd4c38f516c9e7fc29dd8387d5d88

Request headers

:path
/wp-content/uploads/2019/08/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
631253
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11497
cf-request-id
0a30ae3c0800004e07ca9c7000000001
last-modified
Wed, 07 Aug 2019 10:33:00 GMT
server
cloudflare
etag
"5d4aa8dc-2ce9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kxKsn2zojyJgcPKfbE5CrK0OLJfUJqI7awSPlhm%2FSZQAI%2F2zq4FJqbaU6LfIWZJXozdCswbsH%2BFidfcOSsGw%2FnoW%2Bk1Ml4pzJrHySG3O6f9XmkiV5ItdXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
652e19733b504e07-FRA
expires
Sun, 13 Jun 2021 05:59:04 GMT
comment-reply.min.js
mrhacker.co/wp-includes/js/
2 KB
2 KB
Script
General
Full URL
https://mrhacker.co/wp-includes/js/comment-reply.min.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73608
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0000004e07d033f000000001
last-modified
Sun, 17 Nov 2019 06:06:56 GMT
server
cloudflare
etag
W/"5dd0e380-951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dBwsJYB%2BqjmuTkSUCAqzG3ktBxN6tatFNBOSpbov6p8s4XzMS164A9%2FYSz%2FtQoAlyzcxOFlHFEXTUrd4A1gKfAKXTBYAA8NQz6fpggANjFdhj6Upg2mkyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b214e07-FRA
expires
Sat, 19 Jun 2021 16:53:09 GMT
ResizeSensor.js
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/
6 KB
2 KB
Script
General
Full URL
https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d

Request headers

:path
/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73608
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0100004e0738bcf000000001
last-modified
Fri, 30 Aug 2019 18:28:51 GMT
server
cloudflare
etag
W/"5d696ae3-1743"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nCx8lMCwMCsA9S6AXMY8u3PRC8ulqePC8VtvXdDzvzDzo3J2ZjM7%2FvapUonb0GyTGYucQLGmJUfxI0ftqk%2FSPFryI%2FQTbYicAmr2OCyjj5RT%2F%2B9q79fsjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b224e07-FRA
expires
Sat, 19 Jun 2021 16:53:09 GMT
theia-sticky-sidebar.js
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/
16 KB
4 KB
Script
General
Full URL
https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774

Request headers

:path
/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2695
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0100004e073b1ec000000001
last-modified
Fri, 30 Aug 2019 18:28:51 GMT
server
cloudflare
etag
W/"5d696ae3-3e36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oR3CfApAOZJ%2FZgpsZFOObxtrkWKhbMMiLy2WQ2D3qXSLznHL15DVFXDVErWSyXgc552Ad5eC7kdeC%2FUeEvlmsbds0w1Ce6hlJJzKIK%2Bw2Obzku1SOH6mUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b244e07-FRA
expires
Sun, 20 Jun 2021 12:35:02 GMT
main.js
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/
435 B
780 B
Script
General
Full URL
https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa

Request headers

:path
/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73608
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0100004e07ca9c6000000001
last-modified
Fri, 30 Aug 2019 18:28:51 GMT
server
cloudflare
etag
W/"5d696ae3-1b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hwnLCRWQjP7Evl%2BAMZiX6JC1cgP%2BJpOZbwH4v5wmbMY2NB7GNLd2TcNx1gm9bCrvq1V6BC3s1BhOOxGJeSD83ij70G4%2BB%2BYtj9cg%2BZ6Np%2Bj1YfKog7cfGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b294e07-FRA
expires
Sat, 19 Jun 2021 16:53:09 GMT
idle-timer.min.js
mrhacker.co/wp-content/plugins/monarch/js/
2 KB
1 KB
Script
General
Full URL
https://mrhacker.co/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.12
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36

Request headers

:path
/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.12
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2695
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0200004e0721b09000000001
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-9d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iu6LHfDWPUB4gtSueQ9Zhf%2BCkim4W8y3xkn7cQ3RNJLk8HvK7BLSW%2Bc%2Bgj%2FYcg62tn1L9093C54tpbIJnzDz0t0Mb7O4kSklFQVrDHTXB%2BZjW00Z2vCq2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b2b4e07-FRA
expires
Sun, 20 Jun 2021 12:35:02 GMT
custom.js
mrhacker.co/wp-content/plugins/monarch/js/
26 KB
6 KB
Script
General
Full URL
https://mrhacker.co/wp-content/plugins/monarch/js/custom.js?ver=1.4.12
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112

Request headers

:path
/wp-content/plugins/monarch/js/custom.js?ver=1.4.12
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73608
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0200004e07f4149000000001
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-6703"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bCnzIGxBjN5agaf55b6RQnSi1HLtdqzUBbYBxdRi%2BLuJENv1790fzPHUPidPWP8nJapG9qgpSKLU36bn%2BZVFlLv30whdXiJd%2BwRICemTUfxMyGLclz0mqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b2d4e07-FRA
expires
Sat, 19 Jun 2021 16:53:09 GMT
scripts.js
mrhacker.co/wp-content/themes/flex-mag/js/
142 KB
32 KB
Script
General
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/js/scripts.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e

Request headers

:path
/wp-content/themes/flex-mag/js/scripts.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2694
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0200004e07fa29a000000001
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-237aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sZ8Y51njKudIq3ROpl6PY1Yolfnikv8F7tXjXNxiRGYu1H2djD3Gux8lLuusO0wQ8W272H%2FIVdXmKyMWCX0%2BNbquExojDe8lCd2pvUdPmCiyiNIzbJy4zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b2e4e07-FRA
expires
Sun, 20 Jun 2021 12:35:03 GMT
jquery.infinitescroll.min.js
mrhacker.co/wp-content/themes/flex-mag/js/
21 KB
12 KB
Script
General
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/js/jquery.infinitescroll.min.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

:path
/wp-content/themes/flex-mag/js/jquery.infinitescroll.min.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73608
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0300004e0709944000000001
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-54c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SUP1HUX8asL2uQm1b3qI36EYIqKqVzmSS1TZn42I7T8%2F7i%2FrxmjTCY3LJ4N1cwcIgZMl05TBWfgsRCIbPcd4bmgfMt99R9am0UjQqT2p5O4ik%2BOz2gKmHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b304e07-FRA
expires
Sat, 19 Jun 2021 16:53:09 GMT
retina.js
mrhacker.co/wp-content/themes/flex-mag/js/
3 KB
2 KB
Script
General
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/js/retina.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

:path
/wp-content/themes/flex-mag/js/retina.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73608
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0400004e07ee87a000000001
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-c20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K9odTI%2FDjbiCV7l12Qqh599tmbjvD32v0kY7t1PXh%2FN3YGvKIcRXktMo4u%2FqqY%2BhdSwcW%2FqJPKQaiTbzsg3qWUMKqHg6hFNjLFU0ESUmbk%2B4X26AkU6jsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b334e07-FRA
expires
Sat, 19 Jun 2021 16:53:09 GMT
jquery.fancybox.min.js
mrhacker.co/wp-content/plugins/easy-fancybox/js/
19 KB
6 KB
Script
General
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73608
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0400004e072c028000000001
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-4d4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PpMQqw6mvNCows0%2FYQmhOEYTyDn%2FZbGODyycUgV%2BoDfEPQEV%2FanRG0Y432lCobywxwnJA1rtw5wqfmdx1HN8d0%2FLCvo8Zud2fLeN6kdCNO%2BfUHzVxbvf8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b354e07-FRA
expires
Sat, 19 Jun 2021 16:53:09 GMT
jquery.easing.min.js
mrhacker.co/wp-content/plugins/easy-fancybox/js/
2 KB
1 KB
Script
General
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73608
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0500004e072934e000000001
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-8fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=STzZ7k9iSe2Oq9pRhJqRIaHcVYb7GLr3YnynYtV4mPQvCDFlhq36Kf1WQIRNfAq3f3gZsQvcr5SeXHtG0fSiOtpdEU5wCKn7t6jeEylRqwUoW7ngG4wfQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b394e07-FRA
expires
Sat, 19 Jun 2021 16:53:09 GMT
jquery.mousewheel.min.js
mrhacker.co/wp-content/plugins/easy-fancybox/js/
3 KB
2 KB
Script
General
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
417505
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0600004e074e993000000001
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-a31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ANx2pBQuwpVxmXV7Ocix5BZ3Q5rvDh6Vawn9LO9mW47l4%2F%2Fh%2B06n0GTH1iirHQmiz3V1UQ1dkWd9LRXwkwLxP3Ic2BEO62jDaa72ctcnPkZ8K%2F9UjcAwAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b3e4e07-FRA
expires
Tue, 15 Jun 2021 17:21:32 GMT
common.js
mrhacker.co/wp-content/plugins/monarch/core/admin/js/
1 KB
1 KB
Script
General
Full URL
https://mrhacker.co/wp-content/plugins/monarch/core/admin/js/common.js?ver=3.20.2
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b

Request headers

:path
/wp-content/plugins/monarch/core/admin/js/common.js?ver=3.20.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
579982
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0600004e07432ec000000001
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-550"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BRaM4v%2FkN%2FlGjyWH2J0nc5syG0Xyn9u7nArV2iX3E0NIvmyudhDIJWeAv8UkFNGokw0VZjsSdikO%2BilJUyj6w8iQyJdbTVcQo7jXDIXDGyjQei1DPXZ4Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b404e07-FRA
expires
Sun, 13 Jun 2021 20:13:35 GMT
script.min.js
mrhacker.co/wp-content/plugins/boxzilla/assets/js/
18 KB
6 KB
Script
General
Full URL
https://mrhacker.co/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52415b65b808c23ba1578c46b4b397fdaa4f979c8ae04dc1bd2b9cd96d4230fb

Request headers

:path
/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73608
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c0600004e0711a9a000000001
last-modified
Tue, 03 Dec 2019 11:55:32 GMT
server
cloudflare
etag
W/"5de64d34-4677"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aeIUkiSZQX03bMhr0tOCTYcvIbgv0kOMVPc1ic98NXn6AHMS03gJVLwAp5yVbUfoQmMHVicscU1c9E9ABA9yfGCRXOrMAJLtKmvtqqIIlXIhkvYsgF8mdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19733b434e07-FRA
expires
Sat, 19 Jun 2021 16:53:09 GMT
embed.js
mrhackerco.disqus.com/
73 KB
24 KB
Script
General
Full URL
https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
9d511d7e2069be02e6fa21b47e92a0c0c903f9dc5acc2a8c6ff841f1cbd39715
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:58 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24325
network.js
adsxyz.com/sponsors/network/
827 B
1001 B
Script
General
Full URL
https://adsxyz.com/sponsors/network/network.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5b8a61b7114f9131b2c26131527d5ea955e8fc57c3989b92f7ab781473db139

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
631253
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3c1400005364bcaa2000000001
last-modified
Fri, 24 Jan 2020 05:18:04 GMT
server
cloudflare
etag
W/"5e2a7e0c-33b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ziwdtCr8k59K%2BwJhXFwsi789vrL1BDEQne1Dbgu9HxCfwDlUvrkwD4iIA5lHdr7TZ0TYU%2BGZC3LNtYNgtmA9a4d0XLiA10wdIE77Wt5EoOw%2B1hVbktGQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19735e435364-FRA
expires
Sun, 13 Jun 2021 05:59:04 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
008486e16a9d59747c3d9fb4a395d3294ad33a0de83224207f6f743c6dfd54e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3e57f67a280ceb0579775cfca1f5e4575c008e2fa0975db6d3c55da1f86aaae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
300x250.html
adsxyz.com/sponsors/linklite/ Frame 4664
1 KB
858 B
Document
General
Full URL
https://adsxyz.com/sponsors/linklite/300x250.html
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe5e6637bcd2b45a416c7ee538f31244be004fca119a5313c0853ece7ca9e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adsxyz.com
:scheme
https
:path
/sponsors/linklite/300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-type
text/html
last-modified
Mon, 30 Nov 2020 12:35:18 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-cache-status
HIT
age
5271
cf-request-id
0a30ae3c8d0000d6cd93990000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ucSsg0C3i%2F9%2BAjneKgZ8c5k66UKgS1sNOw05jX%2BnZL4jrjPlcKUATHHxwOB66Q8LWA0SaCl95Kwb7cIAZD6FACf3gtS8wVHUHuD%2BdVPNUESsg4%2B9Q04"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19741be8d6cd-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
index.html
adsxyz.com/sponsors/network/ Frame 97F2
14 KB
2 KB
Document
General
Full URL
https://adsxyz.com/sponsors/network/index.html
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3395d12bcb27e81ca17efb2159f55937492bceafea7713ca61534f340d6f202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adsxyz.com
:scheme
https
:path
/sponsors/network/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-type
text/html
last-modified
Wed, 02 Sep 2020 20:12:06 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-cache-status
HIT
age
182
cf-request-id
0a30ae3c910000d6cd83a13000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wzPlUamqLXAPbl52pLkHnVASHarmHDfKFllyAfQ4ptBV3g%2B%2BkeGH4aS3X%2FUGM0pxlA5Uc4zoRqZOA45xlHWev0R1mQqw15o%2FS%2FImDC3sqNVyOMqtHj7w"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19741bf0d6cd-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
300x100.html
adsxyz.com/sponsors/linklite/ Frame D1F7
1007 B
801 B
Document
General
Full URL
https://adsxyz.com/sponsors/linklite/300x100.html
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c092a55edafc4fc6e61f4160240336a168508c6002ed14f61572dda08f4ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adsxyz.com
:scheme
https
:path
/sponsors/linklite/300x100.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-type
text/html
last-modified
Mon, 30 Nov 2020 12:35:10 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-cache-status
HIT
age
5271
cf-request-id
0a30ae3c920000d6cd872ac000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=On21y1i3RuDPATCyfaC2PkGQaSTgZJ5Nam9FJhskbyppqt5tiqGbB%2FAwYw0mJx9UoBHHTFAlCFOWvEtiZhWw0O6Of7hEuKdfHpwDfZH8JTG6gxMn2Dsr"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
652e19741bf6d6cd-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
728x90.html
adsxyz.com/sponsors/linklite/ Frame B365
1 KB
829 B
Document
General
Full URL
https://adsxyz.com/sponsors/linklite/728x90.html
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd0e00c83c57326a376b8037ffddc324a5fbaae13461d9260b96efa69265d42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adsxyz.com
:scheme
https
:path
/sponsors/linklite/728x90.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-type
text/html
last-modified
Mon, 30 Nov 2020 12:35:36 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-cache-status
HIT
age
5271
cf-request-id
0a30ae3c8f0000d6cd5b089000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fwGLjn5IYF11Azyh%2BE8r7fHSbhWRqq7bbsvfFI7rz0cTJ8dr%2BLDQJqwdRFbbwdrliug3%2Bf36Lm%2FdAfZ1bKEP%2Fwof3AgUgkeDSB%2FeJetiYLLlMg985ph9"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19741bf8d6cd-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
300x250.html
adsxyz.com/sponsors/linklite/ Frame DDBA
1 KB
818 B
Document
General
Full URL
https://adsxyz.com/sponsors/linklite/300x250.html
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe5e6637bcd2b45a416c7ee538f31244be004fca119a5313c0853ece7ca9e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adsxyz.com
:scheme
https
:path
/sponsors/linklite/300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-type
text/html
last-modified
Mon, 30 Nov 2020 12:35:18 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-cache-status
HIT
age
5271
cf-request-id
0a30ae3c8e0000d6cd708df000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pBHlpC6dwEiYrEZcvRlvELXIc9sR2FZgbpKLyp4YqXAGxd6dTYwzzKbf3Z1NVhXl40wduAULGJMLogqFGDQywl2Wr7wYzvJ65vc1iLL%2FEZ5BHtAXz6BL"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19741becd6cd-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146590598-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6602
date
Fri, 21 May 2021 11:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 21 May 2021 13:29:56 GMT
monarch.ttf
mrhacker.co/wp-content/plugins/monarch/css/fonts/
15 KB
15 KB
Font
General
Full URL
https://mrhacker.co/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

:path
/wp-content/plugins/monarch/css/fonts/monarch.ttf
pragma
no-cache
origin
https://mrhacker.co
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
mrhacker.co
referer
https://mrhacker.co/wp-content/plugins/monarch/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://mrhacker.co
Referer
https://mrhacker.co/wp-content/plugins/monarch/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
626787
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15096
cf-request-id
0a30ae3c9a00004e07f1077000000001
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
"5d70eaec-3af8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3T8V283d48xCwWHh64apVN1YFllHU2wo5NFePt3Mjqc2keNYg1yTe%2BlDo8vymPlD6VXhNfBN%2B3KDJ903e2D1tfj3mAabM2gVYoZ2OVBfprq5yFReASTrgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
652e19742d794e07-FRA
expires
Sun, 13 Jun 2021 07:13:31 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://mrhacker.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
127016
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 20 May 2022 02:03:02 GMT
cookie.js
partner.googleadservices.com/gampad/
201 B
640 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=mrhacker.co&callback=_gfp_s_&client=ca-pub-7952463575870072
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
a81b39817e5ed4efd3571edbe7f33ff1d4e88fd958d7067c7be05d0c0d1e861f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
698 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mrhacker.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mrhacker.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 73DF
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1621603198&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197862&bpp=4&bdt=257&idt=352&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=444747564525&frm=20&pv=2&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1621603198&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197862&bpp=4&bdt=257&idt=352&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=444747564525&frm=20&pv=2&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 21 May 2021 13:19:58 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 21-May-2021 13:34:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 21 May 2021 13:19:58 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424113157718"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Fri, 21 May 2021 13:19:58 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 85DE
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=200&slotname=8044118461&adk=705472006&adf=3520915286&pi=t.ma~as.8044118461&w=1021&fwrn=4&lmt=1621603198&rafmt=11&psa=0&format=1021x200&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197901&bpp=4&bdt=296&idt=394&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=444747564525&frm=20&pv=2&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gLUxKtV8xB&p=https%3A//mrhacker.co&dtd=403
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5067788462868168&output=html&h=200&slotname=8044118461&adk=705472006&adf=3520915286&pi=t.ma~as.8044118461&w=1021&fwrn=4&lmt=1621603198&rafmt=11&psa=0&format=1021x200&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197901&bpp=4&bdt=296&idt=394&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=444747564525&frm=20&pv=2&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gLUxKtV8xB&p=https%3A//mrhacker.co&dtd=403
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 21 May 2021 13:19:58 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
IDE=AHWqTUlot1WUP-ZoT-VbmBGXUKrcUild1kqWVGiRbnvmy8l8saWQL8T02jxFx2bZ3qA; expires=Wed, 15-Jun-2022 13:19:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lounge.305cef62f65d619287ed5bfd8a11158b.css
c.disquscdn.com/next/embed/styles/
0
23 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 08:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1831014
x-cache
Hit from cloudfront
content-length
23152
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-5a70"
content-type
text/css; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Sat, 30 Apr 2022 08:43:04 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
Er07JO48cOiJSdgAdM3spBhBIkpsFH-hIFxsKskKtUrhv4IFtS_0WQ==
x-cache-hits
0
common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
c.disquscdn.com/next/embed/
0
93 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 10:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1477405
x-cache
Hit from cloudfront
content-length
94786
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-17242"
content-type
application/javascript; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Wed, 04 May 2022 10:56:33 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
AMPLcVcSb4NPoxwYvj15uqmwoPvnzLnnGWoybdV12T7WHHkAnfqEAg==
x-cache-hits
0
lounge.bundle.bc826e2c6760336a4737669d17512963.js
c.disquscdn.com/next/embed/
0
116 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.bc826e2c6760336a4737669d17512963.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 20:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318861
x-cache
Hit from cloudfront
content-length
118035
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 17 May 2021 18:53:16 GMT
server
nginx
etag
"60a2bb9c-1cd13"
content-type
application/javascript; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Tue, 17 May 2022 20:45:37 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
X_Q1R6SltnCpy361uwMnD6A2rq4sSc4Qjw4a12-hzpYl2gVIkfm4bQ==
x-cache-hits
0
config.js
disqus.com/next/
0
12 KB
Other
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:58 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
55
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
11754
X-XSS-Protection
1; mode=block
recommendations.js
mrhackerco.disqus.com/
61 KB
21 KB
Script
General
Full URL
https://mrhackerco.disqus.com/recommendations.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
a964efeb641d284f29a57b510bffea162f63e301cd3914273f8623c0dcf48909
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:58 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
20374
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame 519B
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fmrhacker.co
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
632854
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 21 May 2021 13:19:58 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/674C)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
ads
googleads.g.doubleclick.net/pagead/ Frame 4CCC
603 B
66 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=200&slotname=5536279749&adk=952393648&adf=4004256050&pi=t.ma~as.5536279749&w=1021&fwrn=4&lmt=1621603198&rafmt=11&psa=0&format=1021x200&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197905&bpp=25&bdt=300&idt=501&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1021x200&nras=1&correlator=444747564525&frm=20&pv=1&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=1851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yUQu7KgmUz&p=https%3A//mrhacker.co&dtd=527
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5067788462868168&output=html&h=200&slotname=5536279749&adk=952393648&adf=4004256050&pi=t.ma~as.5536279749&w=1021&fwrn=4&lmt=1621603198&rafmt=11&psa=0&format=1021x200&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197905&bpp=25&bdt=300&idt=501&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1021x200&nras=1&correlator=444747564525&frm=20&pv=1&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=1851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yUQu7KgmUz&p=https%3A//mrhacker.co&dtd=527
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlot1WUP-ZoT-VbmBGXUKrcUild1kqWVGiRbnvmy8l8saWQL8T02jxFx2bZ3qA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 21 May 2021 13:19:58 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=534237799&t=pageview&_s=1&dl=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&ul=en-us&de=UTF-8&dt=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS%20%7C%20MrHacker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUAB~&cid=71634171.1621603198&tid=UA-146590598-1&_gid=488875860.1621603198&gtm=2ou5c1&z=1503966352
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 May 2021 07:15:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21871
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EB14
603 B
66 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=200&slotname=5536279749&adk=3883167614&adf=466642414&pi=t.ma~as.5536279749&w=1021&fwrn=4&lmt=1621603198&rafmt=11&psa=0&format=1021x200&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197976&bpp=2&bdt=371&idt=498&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1021x200%2C1021x200&nras=1&correlator=444747564525&frm=20&pv=1&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=2667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4TOH6Z8Pdc&p=https%3A//mrhacker.co&dtd=503
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5067788462868168&output=html&h=200&slotname=5536279749&adk=3883167614&adf=466642414&pi=t.ma~as.5536279749&w=1021&fwrn=4&lmt=1621603198&rafmt=11&psa=0&format=1021x200&url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621603197976&bpp=2&bdt=371&idt=498&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1021x200%2C1021x200&nras=1&correlator=444747564525&frm=20&pv=1&ga_vid=71634171.1621603198&ga_sid=1621603198&ga_hid=534237799&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=2667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=4309633950982047&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4TOH6Z8Pdc&p=https%3A//mrhacker.co&dtd=503
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlot1WUP-ZoT-VbmBGXUKrcUild1kqWVGiRbnvmy8l8saWQL8T02jxFx2bZ3qA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 21 May 2021 13:19:58 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
random3f.js
adsxyz.com/sponsors/linklite/ Frame 4664
920 B
861 B
Script
General
Full URL
https://adsxyz.com/sponsors/linklite/random3f.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926cb0eb3abf09a081ba1960a7e54f9f47da5561d50b17a967d95db2c8022e47

Request headers

Referer
https://adsxyz.com/sponsors/linklite/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2345635
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3e160000d6cd5e1de000000001
last-modified
Fri, 26 Jun 2020 11:54:08 GMT
server
cloudflare
etag
W/"5ef5e1e0-398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B0J5A8do5mIVPjOSvEaz3DvGnJnqpWEhMC3BrjSjii8XPFUL5Z7k%2BWXKooKTFAYbwc7XkKnKlqfRgSwLnnJB8IV3ohF5ACQ%2Bljd%2FemGYWEvidGkaUJoq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19768808d6cd-FRA
expires
Mon, 24 May 2021 09:46:02 GMT
random3f.js
adsxyz.com/sponsors/linklite/ Frame DDBA
920 B
869 B
Script
General
Full URL
https://adsxyz.com/sponsors/linklite/random3f.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926cb0eb3abf09a081ba1960a7e54f9f47da5561d50b17a967d95db2c8022e47

Request headers

Referer
https://adsxyz.com/sponsors/linklite/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2345635
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3e190000d6cd36b00000000001
last-modified
Fri, 26 Jun 2020 11:54:08 GMT
server
cloudflare
etag
W/"5ef5e1e0-398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ndwwso%2FXGzKbQTclE%2FFX7GZGlEYnV1%2FHfwQDOZEgJi%2By%2BZ69krmfm6XOpUNbqa1JyVzrejeBO9vI9cM5enJWkf42IDC%2B7x5CnI90RovU%2F8xFqEE%2BSl2r"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e1976880fd6cd-FRA
expires
Mon, 24 May 2021 09:46:02 GMT
/
disqus.com/embed/comments/ Frame 0604
7 KB
4 KB
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe806972ff7a354edfe5482663f51a336ed6d9fc28231c8ac84742f8ce036a53
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

Connection
keep-alive
Content-Length
2837
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Fri, 21 May 2021 00:03:48 GMT
ETag
W/"lounge:view:8537414278.16af17e1a132bd3377ab1a902a050cfc.2"
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy
no-referrer-when-downgrade
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Fri, 21 May 2021 13:19:58 GMT
Age
9
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
random.js
adsxyz.com/sponsors/network/ Frame 97F2
1 KB
873 B
Script
General
Full URL
https://adsxyz.com/sponsors/network/random.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/network/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0dbaa875550446e24f258eb684cce8bb6a0ee8ed88d857c5d3aecadef479ca

Request headers

Referer
https://adsxyz.com/sponsors/network/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2399734
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3e230000d6cd632ab000000001
last-modified
Mon, 12 Nov 2018 07:19:16 GMT
server
cloudflare
etag
W/"5be92974-568"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gy%2Ft%2F9qlM6ut5au7%2B10A%2FhEGHsHsn7Lck%2F3fNh4JcYlGLVZiHDs9sIbr9wlXJXGd7rIPG%2BwEeTCjMxp6kfR07Bkc0YHpa3mNpz7n3hPh4NyA1WSPg0XY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19769825d6cd-FRA
expires
Sun, 23 May 2021 18:44:24 GMT
style.css
adsxyz.com/sponsors/network/css/ Frame 97F2
1 KB
917 B
Stylesheet
General
Full URL
https://adsxyz.com/sponsors/network/css/style.css
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/network/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3da7289c7060c9c0d7fc2b4417c039e7afa7121fa13db83a87f38b1a29dd10

Request headers

Referer
https://adsxyz.com/sponsors/network/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2399734
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3e200000d6cd39054000000001
last-modified
Sun, 11 Nov 2018 06:20:34 GMT
server
cloudflare
etag
W/"5be7ca32-4e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a9wSimtsKHOxb1hy4Uexx7st%2BMqby8IziAR264ns8%2BQoB5dyKlvHRqmmVl5dEavrPTdxOk0kV619ck2uGVlVtysMmrChImrqySrpDt3FJaPTlZR%2BiQtk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19769828d6cd-FRA
expires
Sun, 23 May 2021 18:44:24 GMT
logo.png
adsxyz.com/sponsors/network/css/ Frame 97F2
2 KB
2 KB
Image
General
Full URL
https://adsxyz.com/sponsors/network/css/logo.png
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/network/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d02459457d4bd5904269232670f101bbe71b002ab7ff705fdc3b81628376c53

Request headers

Referer
https://adsxyz.com/sponsors/network/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1229301
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1714
cf-request-id
0a30ae3e820000d6cd5bb64000000001
last-modified
Sun, 03 Nov 2019 06:16:22 GMT
server
cloudflare
etag
"5dbe70b6-6b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AlD0gmDXkUiRjR9YwoydDfREBTedKeeo6kSlRsn%2BnBpGghqBicgtvViccvdiv3ZatWEuywsv0khlSzwQmF9aXyeGV7E206%2FQSDTprSx%2BchojW5E0k4n1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
652e19773978d6cd-FRA
expires
Sun, 06 Jun 2021 07:51:37 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ Frame 97F2
82 KB
26 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/network/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://adsxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1958936
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26660
cf-request-id
0a30ae3e5100004e13ee233000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14983"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oizzeGVZVvYY7IfAJrYNFsYOJmsb3Y4eXZtIiO7sm7NFB1KP4ybOcZ7yT3REVRkR9XIq1asypFShD2jFk9GNhQa5Tju7hCi%2BaxjauRIV1tD0a2F234Wz0r6e3X90X%2FcJ5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
652e1976eb9a4e13-FRA
expires
Wed, 11 May 2022 13:19:58 GMT
random3f.js
adsxyz.com/sponsors/linklite/ Frame D1F7
920 B
860 B
Script
General
Full URL
https://adsxyz.com/sponsors/linklite/random3f.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x100.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926cb0eb3abf09a081ba1960a7e54f9f47da5561d50b17a967d95db2c8022e47

Request headers

Referer
https://adsxyz.com/sponsors/linklite/300x100.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2345635
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3e210000d6cd6d0fa000000001
last-modified
Fri, 26 Jun 2020 11:54:08 GMT
server
cloudflare
etag
W/"5ef5e1e0-398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a7u9qLNxoZwHehi2jUVH7OsHvhZwCbkej8N3I7TUkuK2JAd93S9vSgYn1qQ280q%2F0HgSF9KIUi5zm%2Fg5UZcNJeDbSVzr%2FZ8nCOPshpcXRVXZ6YObw6pn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19769829d6cd-FRA
expires
Mon, 24 May 2021 09:46:02 GMT
random3f.js
adsxyz.com/sponsors/linklite/ Frame B365
920 B
865 B
Script
General
Full URL
https://adsxyz.com/sponsors/linklite/random3f.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/728x90.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926cb0eb3abf09a081ba1960a7e54f9f47da5561d50b17a967d95db2c8022e47

Request headers

Referer
https://adsxyz.com/sponsors/linklite/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2345635
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae3e210000d6cda4343000000001
last-modified
Fri, 26 Jun 2020 11:54:08 GMT
server
cloudflare
etag
W/"5ef5e1e0-398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2WUM1OUQjbfY5ttT4ckyAx0v%2BpFd4FUEZe5SB7T6DDdSbfVHqqh1whZJ2o3Zm3mYOvH0K%2BKVUUWYWWdYCtqM3WQnVw8XR5%2BR3u%2FgRVmUpx%2BiASFUEKbo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e1976982ad6cd-FRA
expires
Mon, 24 May 2021 09:46:02 GMT
aads_300x250.html
mrhacker.co/banner/ Frame 68DB
0
0
Document
General
Full URL
https://mrhacker.co/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
content-type
text/html
last-modified
Sun, 19 Jan 2020 08:10:22 GMT
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae3e6600004e07f109c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CHI%2BwuTzKPUWWaZw7o2JlMKzpm%2BEEIxm4fJ%2FfIt3%2FAH4l8R41nOEtGKGifLofmrBpyYreDjQihO0sUyFu6uWAtfi8gRDF7ziHp61HIqZ58ASZMcGbtSOKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19770bee4e07-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_300x250.html
null88.com/banner/ Frame 7359
558 B
850 B
Document
General
Full URL
https://null88.com/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x250.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff3c131212b8c54e4fef81437dd815acba30e979a4e811a5a1174250e548bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
null88.com
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-type
text/html
last-modified
Sat, 22 Feb 2020 06:34:19 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae3e9600004e7fe0a2f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b%2B9slfxlY5%2Bi7FuxBiwkL624Leu6Jk9zxeEDNbZjsh2fiPlWCMUvqQFQ0XcSyWh%2Fe5D7luE9HrjUQB%2FDMOknJ1TDquCMJ2b7HIqxy6ixH3%2F1wQ8KM60Y"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19775e664e7f-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_300x250.html
thehacker.co/banner/ Frame F98D
0
0

aads_300x250.html
mrhacker.co/banner/ Frame 17D3
0
0
Document
General
Full URL
https://mrhacker.co/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
content-type
text/html
last-modified
Sun, 19 Jan 2020 08:10:22 GMT
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae3e7000004e0711ad9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g%2BxYk0lPN3vC9eqpv6BWwQl4zb9Ie35mKgxaO22nOiPQk102fNzExMiqoTaVqJYk4uRAdeY%2BUQBO2t8tQZjl62L%2FEKoGzBZeAvik9z80tjjbZuoobTvZGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19771c134e07-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_300x250.html
null88.com/banner/ Frame 80F4
558 B
486 B
Document
General
Full URL
https://null88.com/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x250.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff3c131212b8c54e4fef81437dd815acba30e979a4e811a5a1174250e548bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
null88.com
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
content-type
text/html
last-modified
Sat, 22 Feb 2020 06:34:19 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae3e9300004e7fcebf6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AN2vKN2Z4iwG3Xf2FnOjYOp%2BSVm4%2FVjsfBcykCz8tkmOY9goQaaX%2Fi5cV0khEcDRvsz9YC7CycD0VILqHgZ2Y1t4t0i%2BW%2F0sA4kr4Vulo3m5edsuqkYw"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19775e694e7f-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_300x250.html
thehacker.co/banner/ Frame 364B
0
0

aads_320x50.html
mrhacker.co/banner/ Frame 3882
0
0
Document
General
Full URL
https://mrhacker.co/banner/aads_320x50.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x100.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/banner/aads_320x50.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
content-type
text/html
last-modified
Sun, 19 Jan 2020 08:10:55 GMT
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae3e7600004e07e83aa000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0aQQqOZAVaqNKFXohSm9qE1tqb7I7Du0pTElrkGnQB66aKcTYa2sPINLNrcL1h1tDOUL7p2kdHdTYmRLHTG9pMiyyAaqyjgO7gUVfjF3vCICgo0f6bqd3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19772c294e07-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_320x50.html
null88.com/banner/ Frame 4CA9
555 B
508 B
Document
General
Full URL
https://null88.com/banner/aads_320x50.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x100.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc28c1cae7fbe099cd302bbd11f2a3d569f6bde24d976bce9ed9d4ce08c203bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
null88.com
:scheme
https
:path
/banner/aads_320x50.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
content-type
text/html
last-modified
Sat, 22 Feb 2020 06:35:06 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae3e9400004e7f2123e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BLELa9ugJyLJvLeeCm5QMekh%2FgCIwGyOPRQD7MQIuypde0UCjqFb73F9RbtgdousFpzAbwBpRxpJKVQBOTnlztKseDZJEMtnqW67dIuf9EmLXzq2C%2FU4"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19775e6c4e7f-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_320x50.html
thehacker.co/banner/ Frame 58D0
0
0

aads_728x90.html
mrhacker.co/banner/ Frame F91E
0
0
Document
General
Full URL
https://mrhacker.co/banner/aads_728x90.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/728x90.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/banner/aads_728x90.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
content-type
text/html
last-modified
Sun, 19 Jan 2020 08:12:10 GMT
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae3e8200004e07de9d8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2iitSo%2BFxxABJ1Fxcl7fCe68nBVMz0ArrUwT5TLMtv9iX3tVkiQ4%2BtuUqCQLs7m8TKnbQQtB6JlO6UBOmyYvYzMfR6n4sefer5l6pPHLTV03eYI9btVk%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19773c4b4e07-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_728x90.html
null88.com/banner/ Frame F72F
555 B
537 B
Document
General
Full URL
https://null88.com/banner/aads_728x90.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/728x90.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1063c4327c4d67eed0961d9dfc41d607c90321cb696e505cddcd9d717253811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
null88.com
:scheme
https
:path
/banner/aads_728x90.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
content-type
text/html
last-modified
Sat, 22 Feb 2020 06:36:18 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae3e9300004e7f4ea5e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B%2FakYEECI%2FXOI0ZvZnxR9Gy6qtjKyeYHfv6GImHq1vAfSH2CxlNM4E4hWw8DaAuS9BbJokX2rQWOX2VPbe0QkM8BfmCIxqrGC3Q%2BrzX330ar1XpMpnsP"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19775e6b4e7f-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_728x90.html
thehacker.co/banner/ Frame D4A8
0
0

recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/
0
4 KB
Other
General
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 10:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1307323
x-cache
Hit from cloudfront
content-length
3748
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-ea4"
content-type
text/css; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 10:11:15 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
GvYn0RqF_TjYDSd8mrdR37F8-GDHxNJp3M4O1OsFEi1EAo-LhlwIDw==
x-cache-hits
0
common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
c.disquscdn.com/next/recommendations/
0
87 KB
Other
General
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1340242
x-cache
Hit from cloudfront
content-length
88873
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-15b29"
content-type
application/javascript; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 01:02:35 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
DjDA8LGRQanfzt-EmzqeI1wQ7BZbxok-bntOkj_dZtTZl8ogh1gEvQ==
x-cache-hits
0
recommendations.bundle.2a97c3b82ed8723e66ce9cd79c0589b3.js
c.disquscdn.com/next/recommendations/
0
20 KB
Other
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.2a97c3b82ed8723e66ce9cd79c0589b3.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 20:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318853
x-cache
Hit from cloudfront
content-length
20078
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 17 May 2021 18:53:16 GMT
server
nginx
etag
"60a2bb9c-4e6e"
content-type
application/javascript; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Tue, 17 May 2022 20:45:45 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
JgVPbDmYGqYRB4YctegZZ9iPE3AfLIMqM2o0p_7iIa_DI-ZxNGUHng==
x-cache-hits
0
analytics.js
www.google-analytics.com/ Frame 97F2
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/network/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adsxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6602
date
Fri, 21 May 2021 11:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 21 May 2021 13:29:56 GMT
settings
syndication.twitter.com/ Frame 519B
256 B
441 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=5131b58f1eab87761a5f1e73ad754b2da6bfee80
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fmrhacker.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:58 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 13:19:58 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
e1244f08c3c89dd69c06b0e0fe29d9982876bc340e228e5eedb9f60e6b093295
content-length
176
lounge.load.3413adea966d34cbf861a9e4eda8ee02.js
c.disquscdn.com/next/embed/ Frame 0604
1 KB
1 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/lounge.load.3413adea966d34cbf861a9e4eda8ee02.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0eea965a55fc297d75f2fdef62dd870c90e0e7446cb21d90c95c8f38869a07bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://disqus.com
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 20:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318851
x-cache
Hit from cloudfront
content-length
534
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 17 May 2021 18:53:16 GMT
server
nginx
etag
"60a2bb9c-216"
content-type
application/javascript; charset=utf-8
via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
expires
Tue, 17 May 2022 20:45:47 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
OUubi-GL8NGc6EMW5u6Zh4QawPc18k3bLpKQQnLpB1mbkmSWrP17iA==
x-cache-hits
0
/
disqus.com/recommendations/ Frame 3B6F
6 KB
3 KB
Document
General
Full URL
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fbd48e204da7cd0b22bde95b2df2b86c87f0f7cfc2e669e6a3567f2abb7d2ace
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

Connection
keep-alive
Content-Length
2382
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Mon, 13 Jul 2020 23:47:40 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Fri, 21 May 2021 13:19:58 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
c.disquscdn.com/next/embed/ Frame 0604
282 KB
93 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.3413adea966d34cbf861a9e4eda8ee02.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 10:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1477405
x-cache
Hit from cloudfront
content-length
94786
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-17242"
content-type
application/javascript; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Wed, 04 May 2022 10:56:33 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
R7RmN5xkgbbXUdM2lGUuG9-PZW4488mSNxyJsnj2jnD5G48L3llD2w==
x-cache-hits
0
lounge.305cef62f65d619287ed5bfd8a11158b.css
c.disquscdn.com/next/embed/styles/ Frame 0604
129 KB
23 KB
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.305cef62f65d619287ed5bfd8a11158b.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a7d14b983e535139708c6526fcd9c46fb986f2a9e77fba33da4b811bab6dac9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 08:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1831014
x-cache
Hit from cloudfront
content-length
23152
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-5a70"
content-type
text/css; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Sat, 30 Apr 2022 08:43:04 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
bE7XnM2NLlIIpFPIa6L-q_ytSsjaeCQUojFkArAwj7KUUoA4JNJ4aw==
x-cache-hits
0
lounge.bundle.bc826e2c6760336a4737669d17512963.js
c.disquscdn.com/next/embed/ Frame 0604
456 KB
116 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.bc826e2c6760336a4737669d17512963.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4b06f137b58e9c4a6c99203d89bdd07b5f038a5c4e3111ef37aca9737a73e87c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 20:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318861
x-cache
Hit from cloudfront
content-length
118035
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 17 May 2021 18:53:16 GMT
server
nginx
etag
"60a2bb9c-1cd13"
content-type
application/javascript; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Tue, 17 May 2022 20:45:37 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
U8_zL-XtVgnab90PtNXHY7x9wQxCVhfJqHJRaqjwNZRVp5Nk4asymA==
x-cache-hits
0
config.js
disqus.com/next/ Frame 0604
11 KB
12 KB
Script
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
978c66cb935cca183ddebe17950e90ed219c6f1b30f90de271fa40a722bc62b6
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:58 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
56
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
11754
X-XSS-Protection
1; mode=block
1331410
ad.a-ads.com/ Frame DB42
6 KB
3 KB
Document
General
Full URL
https://ad.a-ads.com/1331410?size=300x250
Requested by
Host: null88.com
URL: https://null88.com/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
69a6db247b1ef20d66a372d955df476bdf1942d6731e4edd5fc4a51663b276d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://null88.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://null88.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 21 May 2021 13:19:58 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://null88.com/
Content-Encoding
gzip
details
disqus.com/api/3.0/forums/ Frame 0604
3 KB
4 KB
XHR
General
Full URL
https://disqus.com/api/3.0/forums/details?forum=mrhackerco&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a94135d4a9ed7fa3af64af87091a356f4f629d359a7e0ee08ad0aa379d5ed1c2
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3261
X-XSS-Protection
1; mode=block
recommendations.load.eafad3abab3ceec363e008aba690d9e3.js
c.disquscdn.com/next/recommendations/ Frame 3B6F
923 B
1019 B
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.eafad3abab3ceec363e008aba690d9e3.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
80c55181d1ba4131913f39eef192443f4b069f85fb92a0e0d20115f9306911c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://disqus.com
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 20:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318852
x-cache
Hit from cloudfront
content-length
447
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 17 May 2021 18:53:16 GMT
server
nginx
etag
"60a2bb9c-1bf"
content-type
application/javascript; charset=utf-8
via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
expires
Tue, 17 May 2022 20:45:46 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
yrLU8-xTVFYiECbw_RbXsiM1RLgkTb86bht9-wEj0r6Cbay2hfSXJQ==
x-cache-hits
0
horizon_tweet.2bd42981e3af03ce9186a5655508da28.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/horizon_tweet.2bd42981e3af03ce9186a5655508da28.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
263627ec362c25037d69022de008fad33cf85ec7267604a5ae5c8e6fe4ad9e38

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/669E)
Age
659542
Etag
"43544c32afe87494042045e40e7b3213+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2436
/
tempest.services.disqus.com/ads-iframe/survey/ Frame 9D05
14 KB
6 KB
Document
General
Full URL
https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=mrhackerco&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%231d6fb7&colorScheme=light&sourceUrl=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&disqus_version=f39a31f
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
f86b01a41a36b02b05e17d936f4d3aedb0752211d5fbfe1f9c054f0f1965fa71

Request headers

Host
tempest.services.disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
disqus_unique=1eb50di1ifa2tq
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default

Response headers

Connection
keep-alive
Content-Length
5384
Server
openresty
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-Service
router
Content-Encoding
gzip
Date
Fri, 21 May 2021 13:19:59 GMT
Age
0
Vary
Accept-Encoding,
noavatar92.png
a.disquscdn.com/1621371204/images/ Frame 0604
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1621371204/images/noavatar92.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
148954
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
content-type
image/png
content-length
1644
x-amz-cf-id
WTA2nvLwXbWe-jgLaRXaiU0DegQpD5D5gfyDJBXwuWjjdjty7nLwLQ==
expires
Fri, 18 Jun 2021 19:57:25 GMT
truncated
/ Frame 0604
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
event.gif
referrer.disqus.com/juggler/ Frame 0604
43 B
295 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=1ed038125sup5b&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=mrhackerco&zone=thread&page_url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&page_referrer=https%3A%2F%2Fmrhacker.co%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=5865020
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
truncated
/ Frame DB42
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/
78 KB
27 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1374869
x-cache
Hit from cloudfront
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-67d2"
content-type
application/javascript; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Thu, 05 May 2022 15:25:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
L8xEJpCjQO_NpyF3MF7Qt2jhf4M-Sw7KCgvPK6KKuUjtkuAYsYZkRg==
x-cache-hits
0
common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
c.disquscdn.com/next/recommendations/ Frame 3B6F
262 KB
87 KB
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.eafad3abab3ceec363e008aba690d9e3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ffa907d826f82968612e5a325704a5cc38330a791049b23da9725a6609e22538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1340243
x-cache
Hit from cloudfront
content-length
88873
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-15b29"
content-type
application/javascript; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 01:02:35 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
g_nU4UFl2zGPWOdf27h8isYSkFCyXZmS3znOnJ65ctyOl_rtaow9jw==
x-cache-hits
0
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame D421
337 B
807 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 03:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1418785
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-f4"
content-type
text/css; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Thu, 05 May 2022 03:13:34 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
VXiYBuvr7ZJ1kFrfL4__3s2pEgSyJ4mJ01zvzI8Q0PagzUUoeRhHzQ==
x-cache-hits
0
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 7AF5
337 B
808 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 03:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1418785
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-f4"
content-type
text/css; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Thu, 05 May 2022 03:13:34 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
SIuRXmboCf5l7bI6R2EHdXMECkDshQQvMHQUBJ3ns-jBhcxrH9cuLQ==
x-cache-hits
0
sdk.js
connect.facebook.net/en_US/ Frame 0604
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e2377067504553946e798b718389582701636c22404c882d363c4d1468cd662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
clQfbaTznALVN0RrfHWiRA==
cross-origin-resource-policy
cross-origin
expires
Fri, 21 May 2021 13:35:19 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1778
x-fb-rlafr
0
x-fb-debug
IeQzbUyGq/CRjrer0B65UsHaj1qfu3CvANueqM20Q7Ik3wcQitvvwKxsGHuOdygl/iHnacFpdNv+2d8mPSkLxA==
x-fb-trip-id
917726464
x-fb-content-md5
b3369272a9713422c685b820826c5328
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 21 May 2021 13:19:59 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"789afd9cb7bba6446aa4ddadedd6a9af"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
api.js
apis.google.com/js/ Frame 0604
12 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b264ca556a09a341d7d8c2ee64e63e0003b32c24ff4ce2b64c202e5b6ab140f7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LL6fndnZ6vdz5oAKJ0TLJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"79224003c2b5597899d15c3a85e46734"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-LL6fndnZ6vdz5oAKJ0TLJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 21 May 2021 13:19:59 GMT
Tweet.html
platform.twitter.com/embed/ Frame D961
487 B
1001 B
Document
General
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
6a76f4bba8f5f4895c3aa44d243a16e8b3ae0d9b53a2cefa06b10480c5df6575

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
173
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Fri, 21 May 2021 13:19:59 GMT
Etag
"269cf10e2a7312e6a00f34db0a9547f0"
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
Tweet.html
platform.twitter.com/embed/ Frame C9F2
487 B
971 B
Document
General
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
6a76f4bba8f5f4895c3aa44d243a16e8b3ae0d9b53a2cefa06b10480c5df6575

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
388
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Fri, 21 May 2021 13:19:59 GMT
Etag
"269cf10e2a7312e6a00f34db0a9547f0"
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668C)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
pixel.gif
cdn.viglink.com/images/
43 B
128 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=2.976932341380404
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
cf-cache-status
HIT
age
14
cf-ray
652e197aaa8996f2-FRA
content-length
43
x-amz-id-2
HZt5TVgQAq45JR1EYO5+vLByFMtnRD08KtfskBpAxyM4ezIEhe8YPIfl3SW66SEIG9bi7l7CuRc=
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
MQDRM63QZQ5N3ES6
cache-control
max-age=15, must-revalidate
cf-request-id
0a30ae40a6000096f26734a000000001
accept-ranges
bytes
content-type
image/gif
pixel.gif
cdn.viglink.com/images/
43 B
465 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=2.976932341380404
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
cf-cache-status
HIT
age
14
cf-ray
652e197aaa8b96f2-FRA
content-length
43
x-amz-id-2
HZt5TVgQAq45JR1EYO5+vLByFMtnRD08KtfskBpAxyM4ezIEhe8YPIfl3SW66SEIG9bi7l7CuRc=
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
MQDRM63QZQ5N3ES6
cache-control
max-age=15, must-revalidate
cf-request-id
0a30ae40a6000096f2830fa000000001
accept-ranges
bytes
content-type
image/gif
sdk.js
connect.facebook.net/en_US/ Frame 0604
216 KB
64 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8bfdbc5eb093c0ba95c5102594fd9ba6&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a12ca33d8d830307063bfa9ac879b3c785ab08c34aae754a6c900de2337b241c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://disqus.com
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
cZgOXHqRoXB2V1dixTWnXw==
cross-origin-resource-policy
cross-origin
expires
Sat, 21 May 2022 12:32:03 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65184
x-fb-rlafr
0
x-fb-debug
NXjIwN8fDZpns+WuCJC9KGIn/SX5ELAYAX2cVWCF5b9mgc0wusYyaLkiYEQNuLAx4HUX5nldY1JvaZFEI1wo7Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
debec0e81ae5e36bc532e3d670ad89a5
date
Fri, 21 May 2021 13:19:59 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f8c9eca19ea810758c717731c1fb6340"
timing-allow-origin
*
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 3B6F
17 KB
4 KB
Stylesheet
General
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 10:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1307324
x-cache
Hit from cloudfront
content-length
3748
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-ea4"
content-type
text/css; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 10:11:15 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
gXJOibkcbmFEd0l5tnear9Ri6LUJG3bPRMd4BCeW9eSePZCH8_HlCg==
x-cache-hits
0
embed.runtime.e903d38956688915ba03.js
platform.twitter.com/embed/ Frame D961
8 KB
4 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6713) /
Resource Hash
7b5a69f728a7160605b396d9e4411856db9e4d9bbcd4b830cd946da9aee455af

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/6713)
Age
659543
Etag
"327f4c83fe34cb71a7f1d17e1ecff998+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3500
embed.modules.ff962fc355c6a950595b.js
platform.twitter.com/embed/ Frame D961
501 KB
160 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.modules.ff962fc355c6a950595b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
7519e61aea4f2c775a819496a69370040c9fdbf229fd19e5be139e79be481a23

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/6772)
Age
659542
Etag
"a66126f3a79b85f4c0c4507611cea855+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
163501
embed.i18n.7474183ca0815ae94d99.js
platform.twitter.com/embed/ Frame D961
146 B
651 B
Script
General
Full URL
https://platform.twitter.com/embed/embed.i18n.7474183ca0815ae94d99.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
db75b790206a2694094f8cae3da3176a7086f929e4f41c3fafe6e07490dc4a87

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/67DF)
Age
659543
Etag
"e6c6cbe873374a156f56ded129f56d5f"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.1f1e232812574df49967.js
platform.twitter.com/embed/ Frame D961
15 KB
6 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.Tweet.1f1e232812574df49967.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
ce609a18ff66b8f8d0318be227f176f99e3de7ee383253b1b4e9a1caa230afac

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/669F)
Age
659543
Etag
"fbf967b3f220fece471a4e4129f0cc4f+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5558
embed.runtime.e903d38956688915ba03.js
platform.twitter.com/embed/ Frame C9F2
8 KB
4 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6713) /
Resource Hash
7b5a69f728a7160605b396d9e4411856db9e4d9bbcd4b830cd946da9aee455af

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/6713)
Age
659543
Etag
"327f4c83fe34cb71a7f1d17e1ecff998+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3500
embed.modules.ff962fc355c6a950595b.js
platform.twitter.com/embed/ Frame C9F2
501 KB
160 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.modules.ff962fc355c6a950595b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
7519e61aea4f2c775a819496a69370040c9fdbf229fd19e5be139e79be481a23

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/6772)
Age
659542
Etag
"a66126f3a79b85f4c0c4507611cea855+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
163501
embed.i18n.7474183ca0815ae94d99.js
platform.twitter.com/embed/ Frame C9F2
146 B
651 B
Script
General
Full URL
https://platform.twitter.com/embed/embed.i18n.7474183ca0815ae94d99.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
db75b790206a2694094f8cae3da3176a7086f929e4f41c3fafe6e07490dc4a87

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/67DF)
Age
659543
Etag
"e6c6cbe873374a156f56ded129f56d5f"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.1f1e232812574df49967.js
platform.twitter.com/embed/ Frame C9F2
15 KB
6 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.Tweet.1f1e232812574df49967.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
ce609a18ff66b8f8d0318be227f176f99e3de7ee383253b1b4e9a1caa230afac

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/669F)
Age
659543
Etag
"fbf967b3f220fece471a4e4129f0cc4f+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5558
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 0604
103 KB
34 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 18:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 20:19:21 GMT
server
sffe
age
67873
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35022
x-xss-protection
0
expires
Fri, 20 May 2022 18:28:46 GMT
recommendations.bundle.2a97c3b82ed8723e66ce9cd79c0589b3.js
c.disquscdn.com/next/recommendations/ Frame 3B6F
65 KB
20 KB
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.2a97c3b82ed8723e66ce9cd79c0589b3.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
aaa36800c0f3ebbd7c4a5a3900810e695d613220dcf5e4673acc3e82161e44c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 20:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318854
x-cache
Hit from cloudfront
content-length
20078
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 17 May 2021 18:53:16 GMT
server
nginx
etag
"60a2bb9c-4e6e"
content-type
application/javascript; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Tue, 17 May 2022 20:45:45 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA56-C2
timing-allow-origin
*
x-amz-cf-id
RbkDFBDmZSInkPJok0Go5nEOM3LcxHlSyGoA8QwfD1y8-_AuKTRuFw==
x-cache-hits
0
config.js
disqus.com/next/ Frame 3B6F
11 KB
12 KB
Script
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
978c66cb935cca183ddebe17950e90ed219c6f1b30f90de271fa40a722bc62b6
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
56
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
11754
X-XSS-Protection
1; mode=block
status
www.facebook.com/x/oauth/ Frame 0604
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fmrhacker.co&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dmrhackerco%26t_i%3Dmrhackerco-49739%26t_u%3Dhttps%253A%252F%252Fmrhacker.co%252Fvulnerabilities%252Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%26t_e%3DResearcher%2520publishes%2520PoC%2520for%2520CVE-2021-31166%2520vulnerability%2520in%2520Microsoft%2520IIS%26t_d%3DResearcher%2520publishes%2520PoC%2520for%2520CVE-2021-31166%2520vulnerability%2520in%2520Microsoft%2520IIS%26t_t%3DResearcher%2520publishes%2520PoC%2520for%2520CVE-2021-31166%2520vulnerability%2520in%2520Microsoft%2520IIS%26s_o%3Ddefault%23version%3D3413adea966d34cbf861a9e4eda8ee02&sdk=joey&wants_cookie_data=false
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
4abwIGqY41sPKgO0+5WDjp1K9egRsJHCpuDtJchYLbWAJJOezJpqqrcAEJ+RzEdA9AyDmhNZN5hlFQOl0vfObg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 21 May 2021 13:19:59 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://disqus.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
embed.vendors~ondemand.horizon-web.en-js.1b1ac18d747389819c25.js
platform.twitter.com/embed/ Frame D961
21 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.1b1ac18d747389819c25.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
d309618347368b498f6cd50c4110fbaaafafed5ba9fd992ff1bbcf45df8a0b2d

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/6763)
Age
659543
Etag
"38647a0ff28c7b912391b716ba0f8c16+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
7047
embed.ondemand.i18n.en-js.cb63759befa0dfd78a30.js
platform.twitter.com/embed/ Frame D961
4 KB
2 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.cb63759befa0dfd78a30.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
e0cdcd18df62db5dab7fc26e2f03e5835191e4015f30c7b27783c49c9023273e

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/674C)
Age
659543
Etag
"616b7fcc3d03d63c086daa26449f6e1c+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1631
embed.vendors~ondemand.horizon-web.en-js.1b1ac18d747389819c25.js
platform.twitter.com/embed/ Frame C9F2
21 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.1b1ac18d747389819c25.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
d309618347368b498f6cd50c4110fbaaafafed5ba9fd992ff1bbcf45df8a0b2d

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/6763)
Age
659543
Etag
"38647a0ff28c7b912391b716ba0f8c16+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
7047
embed.ondemand.i18n.en-js.cb63759befa0dfd78a30.js
platform.twitter.com/embed/ Frame C9F2
4 KB
2 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.cb63759befa0dfd78a30.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
e0cdcd18df62db5dab7fc26e2f03e5835191e4015f30c7b27783c49c9023273e

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/674C)
Age
659543
Etag
"616b7fcc3d03d63c086daa26449f6e1c+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1631
iframe
accounts.google.com/o/oauth2/ Frame EA7A
513 B
637 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be2f847a9ed9057023a6d05f276f8074b76c95064a7220bacd8195eb7df7896f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dj5J6lgt14kcwWma08E2+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=216=MLXrbzATHWAT1Acv8nsxbbyYvlZfb4QDoFjOUkoCdqXxx5_UjpGwThGMjmL1qoXSJCFWiARxMNFgi9titNZVoIIPDbEMjT4N7II52GAOomJErJRL_z03wfVBGq6Q4hrBrnwt4yIMLnHQnl2gANnd3Nl3bIJ9nyLaXwygU0cXg88
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 21 May 2021 13:19:59 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-dj5J6lgt14kcwWma08E2+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
details
disqus.com/api/3.0/forums/ Frame 3B6F
3 KB
4 KB
XHR
General
Full URL
https://disqus.com/api/3.0/forums/details?forum=mrhackerco&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a94135d4a9ed7fa3af64af87091a356f4f629d359a7e0ee08ad0aa379d5ed1c2
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3261
X-XSS-Protection
1; mode=block
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.a5abf0628fba95cb8815.js
platform.twitter.com/embed/ Frame D961
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.a5abf0628fba95cb8815.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
2e84aaf06139c7610a7c716bb9fd310dea3e427aa77c678719f34b8d14d569ef

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/67A7)
Age
659543
Etag
"d35adddaf762aff633594466ee574ed5+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2872
embed.vendors~ondemand.TimelineList~ondemand.Tweet.bc5c84d1d066f0f68a3e.js
platform.twitter.com/embed/ Frame D961
50 KB
15 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.Tweet.bc5c84d1d066f0f68a3e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
8a533b2f001d4d30d190e2cbf285dc6ca675eb533976ac5f22f165ba24fce6bc

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/674C)
Age
659543
Etag
"ad23ef62af2a45b4d83cc9a361ec2bfb+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14567
embed.vendors~loader.UserAvatar~ondemand.Tweet.a1f0e159954fc47fc771.js
platform.twitter.com/embed/ Frame D961
25 KB
9 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~loader.UserAvatar~ondemand.Tweet.a1f0e159954fc47fc771.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
f061c6836f4de43ab0b492cce4b4a22af4ea18b03c195343cbb447ebb2b167f7

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/67C1)
Age
659543
Etag
"bd7d724b5ac47ef77222a8eb6b034c62+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
8215
embed.vendors~ondemand.Tweet.aa2683674807aadbdc67.js
platform.twitter.com/embed/ Frame D961
52 KB
15 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.aa2683674807aadbdc67.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
23da523a0ffff334fe2ed33b683579bc44b55c457ab79e4934a1873c7e5e0541

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/673A)
Age
659543
Etag
"75f6870caaa381ebd7edd1fc5b3e57b9+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14477
embed.ondemand.Tweet.8cdfb8847ece18c4acd4.js
platform.twitter.com/embed/ Frame D961
58 KB
14 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.8cdfb8847ece18c4acd4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
acc146648ca4f22a5e4083944c3eb3962982ac57cb5043ee75b78edaa987d1ff

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393330628708417538&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/669E)
Age
659542
Etag
"286fa669ad82b8498fb87084901ca093+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
13932
1331413
ad.a-ads.com/ Frame 6586
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1331413?size=728x90
Requested by
Host: null88.com
URL: https://null88.com/banner/aads_728x90.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
2d15415d269f3fd6995b8b17d82c24bb2697d506ab170e5cb703a3ade43b189c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://null88.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://null88.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 21 May 2021 13:19:59 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://null88.com/
Content-Encoding
gzip
1331410
ad.a-ads.com/ Frame 0C19
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1331410?size=300x250
Requested by
Host: null88.com
URL: https://null88.com/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
c9786046b4ef00eb2e915fe8504b786887370bcb0eb7540d1ac16b059fdef531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://null88.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://null88.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 21 May 2021 13:19:59 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://null88.com/
Content-Encoding
gzip
1331411
ad.a-ads.com/ Frame 33B6
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1331411?size=320x50
Requested by
Host: null88.com
URL: https://null88.com/banner/aads_320x50.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
70dfcd6c13453caef5a19f4e202e078bd898ad5207201c635962873a749f1d31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://null88.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://null88.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 21 May 2021 13:19:59 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://null88.com/
Content-Encoding
gzip
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.a5abf0628fba95cb8815.js
platform.twitter.com/embed/ Frame C9F2
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.a5abf0628fba95cb8815.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
2e84aaf06139c7610a7c716bb9fd310dea3e427aa77c678719f34b8d14d569ef

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/67A7)
Age
659543
Etag
"d35adddaf762aff633594466ee574ed5+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2872
embed.vendors~ondemand.TimelineList~ondemand.Tweet.bc5c84d1d066f0f68a3e.js
platform.twitter.com/embed/ Frame C9F2
50 KB
15 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.Tweet.bc5c84d1d066f0f68a3e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
8a533b2f001d4d30d190e2cbf285dc6ca675eb533976ac5f22f165ba24fce6bc

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/674C)
Age
659543
Etag
"ad23ef62af2a45b4d83cc9a361ec2bfb+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14567
embed.vendors~loader.UserAvatar~ondemand.Tweet.a1f0e159954fc47fc771.js
platform.twitter.com/embed/ Frame C9F2
25 KB
9 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~loader.UserAvatar~ondemand.Tweet.a1f0e159954fc47fc771.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
f061c6836f4de43ab0b492cce4b4a22af4ea18b03c195343cbb447ebb2b167f7

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/67C1)
Age
659543
Etag
"bd7d724b5ac47ef77222a8eb6b034c62+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
8215
embed.vendors~ondemand.Tweet.aa2683674807aadbdc67.js
platform.twitter.com/embed/ Frame C9F2
52 KB
15 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.aa2683674807aadbdc67.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
23da523a0ffff334fe2ed33b683579bc44b55c457ab79e4934a1873c7e5e0541

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/673A)
Age
659543
Etag
"75f6870caaa381ebd7edd1fc5b3e57b9+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14477
embed.ondemand.Tweet.8cdfb8847ece18c4acd4.js
platform.twitter.com/embed/ Frame C9F2
58 KB
14 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.8cdfb8847ece18c4acd4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
acc146648ca4f22a5e4083944c3eb3962982ac57cb5043ee75b78edaa987d1ff

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/669E)
Age
659542
Etag
"286fa669ad82b8498fb87084901ca093+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
13932
prebid.4.39.0.js
c.disquscdn.com/js/dist/ Frame 9D05
320 KB
98 KB
Script
General
Full URL
https://c.disquscdn.com/js/dist/prebid.4.39.0.js
Requested by
Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=mrhackerco&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%231d6fb7&colorScheme=light&sourceUrl=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&disqus_version=f39a31f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6f7eca3f99ce39f0220940a4eeae70037446bd11337e6f2bf3ec0e108a92e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tempest.services.disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 19:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236326
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
content-length
99562
x-xss-protection
1; mode=block
x-served-by
static-web-2
last-modified
Tue, 18 May 2021 17:17:50 GMT
server
nginx
etag
"60a3f6be-184ea"
content-type
application/javascript; charset=utf-8
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
expires
Thu, 17 Jun 2021 19:41:13 GMT
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
rmMwmtBMACaYO9pQJrI2uJx20F66dJJTkycsYX2OdZp4Zf3Nh-XGyA==
x-cache-hits
0
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 3B6F
4 KB
4 KB
XHR
General
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=mrhackerco&thread=ident%3Amrhackerco-49739&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f039f992afd10a0f6f68802b13f82ce6d453d50b9295e8c63ea3d4f60b4da35
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
658
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Connection
keep-alive
Content-Type
application/json
Vary
Origin
Content-Length
3961
X-XSS-Protection
1; mode=block
get
c.disquscdn.com/ Frame 3B6F
20 KB
21 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F08%2Fzameen-com-hacked.jpg&key=eE1u6TVhx6ZRYzTOq33RaQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d14249854f89bfc3d438d887833ac7ec8f86f7070a683454e325d3b54810ce11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 05:59:08 GMT
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
age
631251
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
20678
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AetRA%2Fgf0CRBsHpxTtgAd3Bmos0GLxjQrUu%2Fyfa4aSU%2BYqhsvKeHpCoTUhpbAi0Sjt%2FlVeWIfQ4LBdLXjhsXhZJYQ8iTm8w7Pij2WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
mlFcfqhCEYLKtODRjGr-JDQka_dSior0Z6KZJ6I6l5IIAD23ihBTgg==
expires
Sun, 13 Jun 2021 05:59:08 GMT
get
c.disquscdn.com/ Frame 3B6F
3 KB
4 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F10%2Fnordvpn-server-was-hacked.jpg&key=d49R8v6RMTrdU6oMr2_OJg&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fb81d4108d1a485047b260bd9736c2c8ef105b1f56ead03c7d7f2a8811b3a6bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 05:59:07 GMT
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
age
631252
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
3532
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0p%2F6tjNrE%2B5cHhwWDlFZjGqeWdO82n8l8iQs3hZkHzXFuKVDbul4ZLKtfSy2Ti7zKaKhBS0knbx0MZt8SgV8B0uns3NT771hmOtWDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
Kgnthf_caPXYAYe02u3Rfqo_0c77Wr5HEWMOkFz2isB4APtpRceFkA==
expires
Sun, 13 Jun 2021 05:59:07 GMT
get
c.disquscdn.com/ Frame 3B6F
0
0
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2020%2F04%2Fhow-to-get-windows-10-2004-release-preview.jpg&key=VkcfeckCrYChI1IL-3gBzQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

get
c.disquscdn.com/ Frame 3B6F
11 KB
12 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F10%2Fnginx-php-fpm-hacking-exploit.jpg&key=FmmPpxDtKf3-7Od2A_FxeQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ae00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a68091c3a89ef3d42bdf172776721fade92cbc1bf09821205f1a2370a3f7c3a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 05:59:07 GMT
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
age
631251
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
11150
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OOX15UzdY3etbAAER4h%2FRxI6yBv6q1O4Ty2zfzqkk4WjjXencKbp2ZYtEhP0gYusfpn76dfUYlZvYKxvUrFffi5fwnsEqnGBIeuEjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
AJoErJ4jKzV3lbp7UG8FaLVf3ryiIA4NB8k709UiA4GGV21vaz7Eaw==
expires
Sun, 13 Jun 2021 05:59:07 GMT
3855939171-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame EA7A
112 KB
38 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/3855939171-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6737086b7d5121d9b73988c310046850799d3a354fe2d78fd64d797a417d011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 22:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 04:35:02 GMT
server
sffe
age
53915
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39153
x-xss-protection
0
expires
Fri, 20 May 2022 22:21:24 GMT
ping
links.services.disqus.com/api/
315 B
744 B
XHR
General
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
90758ffccd0b37b56cb20b2edc437a57ffccb585ff72800febcf00bb4d498c6a

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 21 May 2021 13:19:59 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://mrhacker.co
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
315
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tweet
cdn.syndication.twimg.com/ Frame D961
2 KB
1 KB
XHR
General
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_tweet_embed_clickability_12102%3Acontrol&id=1393330628708417538&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.ff962fc355c6a950595b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
7205183b49f075b10dae46f88fb41a28670fe4c0a746ed2ca60c0c3b7819cde9
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"6a1-sRIGdG07ayuP8+Wpk6FS0vw0VKc"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
144
server
tsa_f
x-frame-options
SAMEORIGIN
date
Fri, 21 May 2021 13:19:59 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
5e7d6d0c8a9884e9efebf890172d7e4d
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
prebid
ib.adnxs.com/ut/v3/ Frame 9D05
137 B
849 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/js/dist/prebid.4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6d69c9489b46e8d8ef12d84e296f9cf210782ddcfcd81d48834b7e847c5ca8de
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tempest.services.disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 21 May 2021 13:19:59 GMT
X-Proxy-Origin
89.187.168.226; 89.187.168.226; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.176:80
AN-X-Request-Uuid
523ee438-efd3-4377-bdee-9a5a8a8a6cbe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tempest.services.disqus.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tweet
cdn.syndication.twimg.com/ Frame C9F2
1 KB
839 B
XHR
General
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_tweet_embed_clickability_12102%3Acontrol&id=1393970836302811138&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.ff962fc355c6a950595b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
99459a8b9fe5d6be694668cbda2837bf588d4d5ca6b4c066b68bbf5ba85a3814
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"533-FfDbAderqjSwrbYd50oKuG0zdFE"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-xss-protection
0
server
tsa_f
x-frame-options
SAMEORIGIN
date
Fri, 21 May 2021 13:19:59 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
350a9eb992b3f10d5bc657e748171ef570d5e1fbdd2059519bc6517b25aadd93
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
event.gif
referrer.disqus.com/juggler/ Frame 0604
43 B
295 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=1ed038125sup5b&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=mrhackerco&zone=thread&page_url=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906&page_referrer=https%3A%2F%2Fmrhacker.co%2F&object_type=advertisement&provider=survey&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=&section=default&verb=load&extra_data=%7B%22time_to_load%22%3A334%7D&forum_id=5865020
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
728x90
static.a-ads.com/a-ads-banners/116326/ Frame 6586
46 KB
46 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/116326/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1331413?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1056ffa10b231310cc322a456a9be9de5d0d52c2fb0982c71f8aabdb9242bf89

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Last-Modified
Wed, 08 Apr 2020 19:37:58 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
27CDC9B937884B1B
ETag
"4a8bdf5e9cb0308423c0d0f055b7064d"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
46934
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
1MZp97rkQ00bzlhE9Db9XhB7EHlthNJ5
x-amz-id-2
peVT+//O7hZUdc/9udfvNN09QyhjhyFoZgQsYVVxwLSyS6iTH8sx0RCINzS2LxOjgjQegq4b6Uw=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
300x250
static.a-ads.com/a-ads-banners/117610/ Frame 0C19
174 KB
174 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/117610/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1331410?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
59e054acacbce0cfc6b7329639eb4ad898676b507b93a2b8a843ec7b5bd61202

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Last-Modified
Sun, 19 Apr 2020 16:06:32 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
32664FF550CBFCA0
ETag
"2a6b36df9c728e02224e7ba4bdbf0d0b"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
177867
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
jFCVeEcNUb1I4XrWAG0_SW45Q7ZsGNjK
x-amz-id-2
nYrpFmRmTDV4MSpQte1NLgE2Gv7bmDM9CODmY/gnZPm2hRbD3bZtmo3hu8txbA9JgFyBDW+HNU0=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
320x50
static.a-ads.com/a-ads-banners/132809/ Frame 33B6
28 KB
29 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/132809/320x50?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1331411?size=320x50
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
15faa1474d3b7960386ebb250853bb66826a113ed0355cd62c292b7172d19d5c

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:19:59 GMT
Last-Modified
Tue, 17 Nov 2020 12:14:17 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
A43A4E509DD7EE63
ETag
"6e957e6658d4bcb55c52288ab999a476"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Content-Length
28900
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
Nra3lC5ZZpzd358Tk2k30dmdElqhGvafV5DWe+4VSX++fZkQXdJ904oA+t+59IaG9pria2HeGCU=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame EA7A
14 B
58 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/3855939171-idpiframe.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XmlHttpRequest

Response headers

date
Fri, 21 May 2021 13:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 21 May 2021 14:19:59 GMT
sync.gif
links.services.disqus.com/api/
43 B
375 B
Image
General
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 May 2021 13:19:59 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api/
76 B
504 B
XHR
General
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e9a8655a1977de85a130a0abd6c324374663a8420bb69f7a965e3e58ccbe3d0e

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 21 May 2021 13:20:00 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://mrhacker.co
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
76
Expires
Thu, 01 Jan 1970 00:00:00 GMT
jot
syndication.twitter.com/i/ Frame D961
43 B
375 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1621603200029%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22MrHackerCo%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22MrHackerCo%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%220be74e80%3A1620761712411%22%2C%22item_ids%22%3A%5B%221393330628708417538%22%5D%2C%22item_details%22%3A%7B%221393330628708417538%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 21 May 2021 13:20:00 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e1244f08c3c89dd69c06b0e0fe29d9982876bc340e228e5eedb9f60e6b093295
x-transaction
c91f00f4a7b1d5b9
expires
Tue, 31 Mar 1981 05:00:00 GMT
1f631.svg
abs-0.twimg.com/emoji/v2/svg/ Frame D961
2 KB
1 KB
Image
General
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f631.svg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c050671286ff22d29215d2ecf081a85337b164bdc007e6d342b47f39ef11a339
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
788
etag
"gRlamEekWay7K2gKcDV3KA=="
x-served-by
cache-fty21383-FTY, cache-vie21630-VIE
last-modified
Wed, 21 Feb 2018 22:31:09 GMT
date
Fri, 21 May 2021 13:20:00 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
tw-cdn
FT
expires
Thu, 04 Mar 2021 06:43:24 GMT
1f486-1f3fb-200d-2642-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame D961
3 KB
1 KB
Image
General
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f486-1f3fb-200d-2642-fe0f.svg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3148d6f31758ea6c9a845310897e70f05595108097759f6992cb416021a93a6e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
timing-server-allow
https://twitter.com;https://mobile.twitter.com
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
889
x-served-by
cache-fty21349-FTY, cache-vie21630-VIE
last-modified
Wed, 21 Feb 2018 22:31:03 GMT
etag
"dw3GmzbeLpeezxNuFy6vcg=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
date
Fri, 21 May 2021 13:20:00 GMT
expires
Sat, 09 Apr 2022 07:58:35 GMT
embed.vendors~ondemand.TweetVideo.3c032c04b56c9f7a86e6.js
platform.twitter.com/embed/ Frame C9F2
178 KB
47 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TweetVideo.3c032c04b56c9f7a86e6.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
45a87095cd83714673208e7b8b1aafdadfa4ef4898044dea56135d9faba6aa64

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:20:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/67C2)
Age
659543
Etag
"13721ed6bbf5be70832283d0a1d5108e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
47445
embed.ondemand.TweetVideo.6ad139cbd5678dcb33e7.js
platform.twitter.com/embed/ Frame C9F2
2 KB
1 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.TweetVideo.6ad139cbd5678dcb33e7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
722120b3a4b0aa8f8c03765a247157fe356f12e1899bbc2acb3362485b0935bc

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:20:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:46 GMT
Server
ECS (frb/67F2)
Age
659544
Etag
"20a4910316176b419b4ec266300204b0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
916
jot
syndication.twitter.com/i/ Frame C9F2
43 B
119 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1621603200135%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22MrHackerCo%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22MrHackerCo%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%220be74e80%3A1620761712411%22%2C%22item_ids%22%3A%5B%221393970836302811138%22%5D%2C%22item_details%22%3A%7B%221393970836302811138%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 21 May 2021 13:20:00 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e1244f08c3c89dd69c06b0e0fe29d9982876bc340e228e5eedb9f60e6b093295
x-transaction
d4b35ed499313c73
expires
Tue, 31 Mar 1981 05:00:00 GMT
YAMtIV_2_normal.jpg
pbs.twimg.com/profile_images/1326466985258086405/ Frame D961
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1326466985258086405/YAMtIV_2_normal.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
96b98029e7f5f6da84f1a964d9ba759af3a7f6c94c5459807f37aee40f1230d5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
x-content-type-options
nosniff
age
287374
x-cache
HIT
content-length
1807
x-response-time
123
surrogate-key
profile_images profile_images/bucket/2 profile_images/1326466985258086405
last-modified
Wed, 11 Nov 2020 10:07:08 GMT
server
ECS (frb/6724)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
4e0c9476a8e831100ab7522e933c7fb982c917531d7f16e20f67bc7df1c85a78
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
E1Ya0i3XIAAr9RM
pbs.twimg.com/media/ Frame D961
17 KB
17 KB
Image
General
Full URL
https://pbs.twimg.com/media/E1Ya0i3XIAAr9RM?format=jpg&name=360x360
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
d2487430c6774a4281f18f4b59a3e3211be1e62fbc717721bea809cb5e3ffb97
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
x-content-type-options
nosniff
age
572312
x-cache
HIT
content-length
17114
surrogate-key
media media/bucket/9 media/1393330624732274688
last-modified
Fri, 14 May 2021 22:19:22 GMT
server
ECS (frb/6793)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7c003b9540d4bd029de000937eea5828589e2d47c7509b7015882f3d8293c4ab
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
1f525.svg
abs-0.twimg.com/emoji/v2/svg/ Frame C9F2
822 B
636 B
Image
General
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f525.svg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
496
etag
"ZwaaE+AGNFzijsxYHy7RYg=="
x-served-by
cache-atl6237-ATL, cache-vie21630-VIE
last-modified
Wed, 21 Feb 2018 22:31:06 GMT
date
Fri, 21 May 2021 13:20:00 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
tw-cdn
FT
expires
Wed, 22 Jan 2020 16:28:34 GMT
E1Ya0ivWYAg0ayM
pbs.twimg.com/media/ Frame D961
20 KB
20 KB
Image
General
Full URL
https://pbs.twimg.com/media/E1Ya0ivWYAg0ayM?format=jpg&name=360x360
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
258b127e4eb9e53b133dfb338b4427092f9bbb3a7168a225201fd701c753dc14
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
x-content-type-options
nosniff
age
572312
x-cache
HIT
content-length
20465
surrogate-key
media media/bucket/1 media/1393330624698671112
last-modified
Fri, 14 May 2021 22:19:22 GMT
server
ECS (frb/6731)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
589d9997db333d4b2222aa126c8a4c7b67c55b6df0e6e82504253f57e5dd21a4
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
G9mVbzoN_normal.png
pbs.twimg.com/profile_images/1248777897617195008/ Frame C9F2
6 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1248777897617195008/G9mVbzoN_normal.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
eb9315f962903cb24ab239dcdae975290ddcf3a6c74292bfc2ac207a91a7cd5b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
x-content-type-options
nosniff
age
414282
x-cache
HIT
content-length
6063
x-response-time
116
surrogate-key
profile_images profile_images/bucket/9 profile_images/1248777897617195008
last-modified
Sat, 11 Apr 2020 00:58:26 GMT
server
ECS (frb/6727)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
c5ade57c2f4d174f220248f47a809a7b5df374ad116542a3df6575ef54fe0675
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
/
glitter.services.disqus.com/urls/ Frame 0604
473 B
771 B
Script
General
Full URL
https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=mrhackerco&thread_id=8537414278&referer=
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
4e6a70928f3b57e1834c37870126c0c40eeab951a310ea057dc987d6f71247bb
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:20:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
no-cache
transfer-encoding
chunked
X-Service
glitter
Content-Disposition
attachment; filename=f.txt
Strict-Transport-Security
max-age=300; includeSubdomains
Vary
Accept-Encoding, Cookie
noavatar92.png
a.disquscdn.com/1621371204/images/ Frame 0604
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1621371204/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.bc826e2c6760336a4737669d17512963.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
148955
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
content-type
image/png
content-length
1644
x-amz-cf-id
WTA2nvLwXbWe-jgLaRXaiU0DegQpD5D5gfyDJBXwuWjjdjty7nLwLQ==
expires
Fri, 18 Jun 2021 19:57:25 GMT
embed.vendors~loaders.video.VideoPlayerDefaultUI.9b7027d000c21593bcd8.js
platform.twitter.com/embed/ Frame C9F2
132 KB
32 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.VideoPlayerDefaultUI.9b7027d000c21593bcd8.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e903d38956688915ba03.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
6d5adcbf950fefdb94dc0bc4becc0c6204a6fec560adb3665b803b2124c9476e

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1393970836302811138&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&sessionId=5131b58f1eab87761a5f1e73ad754b2da6bfee80&siteScreenName=MrHackerCo&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:20:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 May 2021 20:52:47 GMT
Server
ECS (frb/67AA)
Age
659543
Etag
"a06f590c1e94adff87f0d2a13aad449c+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
32011
E1hhFO_VcAIYdpS.jpg
pbs.twimg.com/tweet_video_thumb/ Frame C9F2
111 KB
111 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/E1hhFO_VcAIYdpS.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
5ea079e618336d0992da0cdc0497b4a697215879d7a207697080c90225acce15
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
x-content-type-options
nosniff
age
419676
x-cache
HIT
content-length
113717
surrogate-key
tweet_video_thumb tweet_video_thumb/bucket/0 tweet_video_thumb/1393970827222151170
last-modified
Sun, 16 May 2021 16:43:18 GMT
server
ECS (frb/67BA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ad76f10db4aada4b51e06cc88e9605ee86180bbca6d8ec6d28abbb30bff3cf0c
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
jot
syndication.twitter.com/i/ Frame C9F2
43 B
118 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1621603200387%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22MrHackerCo%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22MrHackerCo%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%220be74e80%3A1620761712411%22%2C%22item_ids%22%3A%5B%221393970836302811138%22%5D%2C%22item_details%22%3A%7B%221393970836302811138%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1250.7349997758865%7D&dnt=1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 21 May 2021 13:20:00 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e1244f08c3c89dd69c06b0e0fe29d9982876bc340e228e5eedb9f60e6b093295
x-transaction
4f04fcd43fecfff0
expires
Tue, 31 Mar 1981 05:00:00 GMT
E1hhFO_VcAIYdpS.jpg
pbs.twimg.com/tweet_video_thumb/ Frame C9F2
111 KB
111 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/E1hhFO_VcAIYdpS.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.ff962fc355c6a950595b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
5ea079e618336d0992da0cdc0497b4a697215879d7a207697080c90225acce15
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
x-content-type-options
nosniff
age
419676
x-cache
HIT
content-length
113717
surrogate-key
tweet_video_thumb tweet_video_thumb/bucket/0 tweet_video_thumb/1393970827222151170
last-modified
Sun, 16 May 2021 16:43:18 GMT
server
ECS (frb/67BA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ad76f10db4aada4b51e06cc88e9605ee86180bbca6d8ec6d28abbb30bff3cf0c
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
event.gif
referrer.disqus.com/juggler/ Frame 0604
43 B
295 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=1&embed_hidden=1&load_time=1580&event=init_embed&thread=8537414278&forum=mrhackerco&forum_id=5865020&imp=1ed038125sup5b&prev_imp&thread_slug=researcher_publishes_poc_for_cve_2021_31166_vulnerability_in_microsoft_iis&user_type=anon&referrer=https%3A%2F%2Fmrhacker.co%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:20:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
pixel.html
live.rezync.com/ Frame 56D5
507 B
1 KB
Document
General
Full URL
https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1eb50di1ifa2tq&pctry=AT&referrer=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-30.fra56.r.cloudfront.net
Software
lighttpd/1.4.33 /
Resource Hash
212e1c98ec4ce2591c8a5f28bb4cb861bcddad6d35fde87415aff0cb36f6c583

Request headers

:method
GET
:authority
live.rezync.com
:scheme
https
:path
/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1eb50di1ifa2tq&pctry=AT&referrer=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default

Response headers

content-type
text/html; charset=utf-8
content-length
507
date
Fri, 21 May 2021 13:20:00 GMT
server
lighttpd/1.4.33
set-cookie
zync-uuid=831265fb-859f-4cf6-82ff-a4f8d02e369e:1621603200.73; Domain=rezync.com; Expires=Wed, 17-Nov-2021 06:20:00 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVij0LgzAUAP9KebODBlyEDoWUUugztOgQF_EjLU9MWk2kVcl_rw4Hd3ArlB816soo4yBx46QCaHraykKyQkt2mDaDJlJ1HLYU0bNibgAfgFXW0tuU1O7nod4uwfGHnYwKfXWC53FBYSiZZLfsNRdaOpk9tLjcv6jzJe36XnRnhjscZ-SnKV3wCN7_Ad0uMiI.E4lFAA.RIKXRFGTWcXigxJWJj8vAkY8KrA; Expires=Wed, 17-Nov-2021 13:20:00 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache
Miss from cloudfront
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
QLj9TihENLqH8ZG0MlHOg-OPLc8wTfL6kGY6gp3Ote47uprvqKHGwg==
362358.gif
idsync.rlcdn.com/ Frame E513
Redirect Chain
  • https://ejp.rlcdn.com/501709.html
  • https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCIDnnoUGEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPzfMQGJgNGGenDZRcjw3h4&google_cver=1
42 B
315 B
Document
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPzfMQGJgNGGenDZRcjw3h4&google_cver=1
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method
GET
:authority
idsync.rlcdn.com
:scheme
https
:path
/362358.gif?google_gid=CAESEPzfMQGJgNGGenDZRcjw3h4&google_cver=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
rlas3=4oS0Omr4aXHnu91sim19LsUmn9ItDbqO5dyMShK8wEU=; pxrc=CIDnnoUGEgUI6AcQABIGCLrqARAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default

Response headers

cache-control
no-cache, no-store
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
rlas3=4oS0Omr4aXHnu91sim19LsUmn9ItDbqO5dyMShK8wEU=; Path=/; Domain=rlcdn.com; Expires=Sat, 21 May 2022 13:20:00 GMT; Secure; SameSite=None pxrc=CIDnnoUGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Tue, 20 Jul 2021 13:20:00 GMT; Secure; SameSite=None
timing-allow-origin
*
date
Fri, 21 May 2021 13:20:00 GMT
content-length
42
via
1.1 google
alt-svc
clear

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPzfMQGJgNGGenDZRcjw3h4&google_cver=1
date
Fri, 21 May 2021 13:20:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
289
x-xss-protection
0
set-cookie
IDE=AHWqTUm81V_lTblEPMs7F9l3Uco4cTzWXUbxoyJZCK4Hd8MibJS5M1sj2ik--AtcX0w; expires=Wed, 15-Jun-2022 13:20:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
io.narrative.io/ Frame 0604
Redirect Chain
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac1eb50di1ifa2tq&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft...
  • https://io.narrative.io/?io.narrative.guid.v2=3efb3430-ba37-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac1eb50di1ifa2tq&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-p...
35 B
319 B
Image
General
Full URL
https://io.narrative.io/?io.narrative.guid.v2=3efb3430-ba37-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac1eb50di1ifa2tq&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.163.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-163-171.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-49739&t_u=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis&t_e=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_d=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&t_t=Researcher%20publishes%20PoC%20for%20CVE-2021-31166%20vulnerability%20in%20Microsoft%20IIS&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:20:00 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=3efb3430-ba37-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac1eb50di1ifa2tq&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis
Date
Fri, 21 May 2021 13:20:00 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
jot
syndication.twitter.com/i/ Frame D961
43 B
118 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1621603200553%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22MrHackerCo%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22MrHackerCo%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%220be74e80%3A1620761712411%22%2C%22item_ids%22%3A%5B%221393330628708417538%22%5D%2C%22item_details%22%3A%7B%221393330628708417538%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1424.7750006616116%7D&dnt=1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/vulnerabilities/researcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis?feed_id=19217\u0026_unique_id=60a6f8d8f1906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 21 May 2021 13:20:00 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e1244f08c3c89dd69c06b0e0fe29d9982876bc340e228e5eedb9f60e6b093295
x-transaction
bbf1fbea47b77eda
expires
Tue, 31 Mar 1981 05:00:00 GMT
52154.gif
idsync.rlcdn.com/ Frame 56D5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=7203524076022560153
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=831265fb-859f-4cf6-82ff-a4f8d02e369e%3A1621603200.73&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc1eb50di1ifa2tq
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c1eb50di1ifa2tq
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7203524076022560153
42 B
315 B
Image
General
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7203524076022560153
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1eb50di1ifa2tq&pctry=AT&referrer=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 May 2021 13:20:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

Pragma
no-cache
Date
Fri, 21 May 2021 13:20:01 GMT
X-Proxy-Origin
89.187.168.226; 89.187.168.226; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.85:80
AN-X-Request-Uuid
8e53dccf-eb36-4cc4-9b29-28d10410f066
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7203524076022560153
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
397676.gif
idsync.rlcdn.com/ Frame 56D5
Redirect Chain
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=831265fb-859f-4cf6-82ff-a4f8d02e369e%3A1621603200.73&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871597495260606863
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c1eb50di1ifa2tq
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=j6HUE7_z9ivdpMyD3ro4TJKO5hOxc8rZ
42 B
325 B
Image
General
Full URL
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=j6HUE7_z9ivdpMyD3ro4TJKO5hOxc8rZ
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1eb50di1ifa2tq&pctry=AT&referrer=https%3A%2F%2Fmrhacker.co%2Fvulnerabilities%2Fresearcher-publishes-poc-for-cve-2021-31166-vulnerability-in-microsoft-iis%3Ffeed_id%3D19217%5Cu0026_unique_id%3D60a6f8d8f1906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 May 2021 13:20:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=j6HUE7_z9ivdpMyD3ro4TJKO5hOxc8rZ
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3747
date
Fri, 21 May 2021 13:20:01 GMT
content-length
221
content-type
text/html; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa490f8b07896cc8eccac441b9fdfe2cb353a61b72e9866a01729d75bf4bed12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 21 May 2021 13:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7657
x-xss-protection
0
300x100.html
adsxyz.com/sponsors/linklite/ Frame F752
1007 B
666 B
Document
General
Full URL
https://adsxyz.com/sponsors/linklite/300x100.html
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c092a55edafc4fc6e61f4160240336a168508c6002ed14f61572dda08f4ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adsxyz.com
:scheme
https
:path
/sponsors/linklite/300x100.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

date
Fri, 21 May 2021 13:20:05 GMT
content-type
text/html
last-modified
Mon, 30 Nov 2020 12:35:10 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-cache-status
HIT
age
5278
cf-request-id
0a30ae599d00005364c81d8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ABAfcxr1TMwfafa6aR1bq7thUTcbAb0aEaSBrBwxHTKFux2H8WsiglvmkxoiJtw4JOep0MDcIPHipeTSneErfBep757vUT528b%2BFzrVayxh2AEsP1G5E"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
652e19a29d2b5364-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
728x90.html
adsxyz.com/sponsors/linklite/ Frame F9C8
1 KB
569 B
Document
General
Full URL
https://adsxyz.com/sponsors/linklite/728x90.html
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd0e00c83c57326a376b8037ffddc324a5fbaae13461d9260b96efa69265d42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adsxyz.com
:scheme
https
:path
/sponsors/linklite/728x90.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

date
Fri, 21 May 2021 13:20:05 GMT
content-type
text/html
last-modified
Mon, 30 Nov 2020 12:35:36 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-cache-status
HIT
age
5278
cf-request-id
0a30ae59a3000053640022a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s4NPXp9za%2FMfm6CTLvznyD%2BHCDB5zwUsnxKgQApLb5oF%2B8828mw5o5yDF4%2BtURMzCFw8%2FuPUUy%2BQKIYugrtgDr%2BP31vMjsMZT6Yecl8cr0yGDW01dBRG"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19a29d465364-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
300x250.html
adsxyz.com/sponsors/linklite/ Frame 3B92
1 KB
570 B
Document
General
Full URL
https://adsxyz.com/sponsors/linklite/300x250.html
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe5e6637bcd2b45a416c7ee538f31244be004fca119a5313c0853ece7ca9e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adsxyz.com
:scheme
https
:path
/sponsors/linklite/300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

date
Fri, 21 May 2021 13:20:05 GMT
content-type
text/html
last-modified
Mon, 30 Nov 2020 12:35:18 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-cache-status
HIT
age
5278
cf-request-id
0a30ae59a500005364be045000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GFPZYSR4BRbB692Uvlz7TL8SXm%2FfjNTdzDeMzZPMSdePlb0zKWuvrnkyGAf9j3LLi2sl5wo7IfCllYxb8LIbPZnqXmPo60KNL%2BvDP%2Fu2La%2BYgwvgjP4y"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19a2ad525364-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
random3f.js
adsxyz.com/sponsors/linklite/ Frame F752
920 B
857 B
Script
General
Full URL
https://adsxyz.com/sponsors/linklite/random3f.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x100.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926cb0eb3abf09a081ba1960a7e54f9f47da5561d50b17a967d95db2c8022e47

Request headers

Referer
https://adsxyz.com/sponsors/linklite/300x100.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2345642
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae59c50000d6cd6307b000000001
last-modified
Fri, 26 Jun 2020 11:54:08 GMT
server
cloudflare
etag
W/"5ef5e1e0-398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TX8yhG2sd0P4dpc9G3q0L9%2BOO9eVhHDeX5MDS1Mk91hJTdD6mviYMVtLr40Ngzt8lGlE9Rb4MhaFTBgny%2BOT2mfT9ZPBCcunGfD4jDLffwgiVfA5UYvp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19a2cf37d6cd-FRA
expires
Mon, 24 May 2021 09:46:02 GMT
random3f.js
adsxyz.com/sponsors/linklite/ Frame F9C8
920 B
856 B
Script
General
Full URL
https://adsxyz.com/sponsors/linklite/random3f.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/728x90.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926cb0eb3abf09a081ba1960a7e54f9f47da5561d50b17a967d95db2c8022e47

Request headers

Referer
https://adsxyz.com/sponsors/linklite/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2345642
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae59c50000d6cd6cae2000000001
last-modified
Fri, 26 Jun 2020 11:54:08 GMT
server
cloudflare
etag
W/"5ef5e1e0-398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3H2w7KOkS6P66zagn7UsV%2BiO31JsVcLtqGOIv07ZWHNtPVi5iaBKaIdKcxIXfCg5VfrYMCg6OwlPEbyra5PvRPOWgoXzXdhxITME8pHZKSBkurFR2Ghn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19a2cf47d6cd-FRA
expires
Mon, 24 May 2021 09:46:02 GMT
random3f.js
adsxyz.com/sponsors/linklite/ Frame 3B92
920 B
860 B
Script
General
Full URL
https://adsxyz.com/sponsors/linklite/random3f.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926cb0eb3abf09a081ba1960a7e54f9f47da5561d50b17a967d95db2c8022e47

Request headers

Referer
https://adsxyz.com/sponsors/linklite/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2345642
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a30ae59c60000d6cd9e083000000001
last-modified
Fri, 26 Jun 2020 11:54:08 GMT
server
cloudflare
etag
W/"5ef5e1e0-398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oDMrsgLLqCAvlfs4TVdkb2huaShDemOIMzYd8BwAQE77%2FmBG3F9l0v4xzO7EEQAMUSxvgYShUh7VnAB4A%2FTRZEGlAD4McNt7OSZG9HVs0L%2BLGtp24rQp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
652e19a2cf4bd6cd-FRA
expires
Mon, 24 May 2021 09:46:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 13:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 21 May 2021 13:20:05 GMT
aads_320x50.html
mrhacker.co/banner/ Frame D12C
0
0
Document
General
Full URL
https://mrhacker.co/banner/aads_320x50.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x100.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/banner/aads_320x50.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:20:06 GMT
content-type
text/html
last-modified
Sun, 19 Jan 2020 08:10:55 GMT
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae59db00001776d99f4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qfcjfWQFL2ENjAC5KPofsJ7XhAf0tAWKxIv27hRs3BqpJvdXH1OGeFTHRmLVTg5AqVIC1kgTbAM%2FMh1LM4pa9JIp2gugpUJ4RswnX9PfBNrG81UiHbLm%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19a2fc5e1776-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_320x50.html
null88.com/banner/ Frame 35C2
555 B
513 B
Document
General
Full URL
https://null88.com/banner/aads_320x50.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x100.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc28c1cae7fbe099cd302bbd11f2a3d569f6bde24d976bce9ed9d4ce08c203bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
null88.com
:scheme
https
:path
/banner/aads_320x50.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:20:05 GMT
content-type
text/html
last-modified
Sat, 22 Feb 2020 06:35:06 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae59db00004e7f3dbe4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zRbGr%2B1Su6sT5Xh%2F8YKAm5nax8OPBEBn3%2BhY6GMPMkunyPR8eLVCjgjLUvfVkg5qITmTY9cCO3peCdjfx4nYz7%2BWwwFDWZXwJTH%2BN7JsIz9oLbZ3Dfzm"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19a2f8594e7f-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_320x50.html
thehacker.co/banner/ Frame 2A72
0
0

aads_728x90.html
mrhacker.co/banner/ Frame C6F6
0
0
Document
General
Full URL
https://mrhacker.co/banner/aads_728x90.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/728x90.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/banner/aads_728x90.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:20:06 GMT
content-type
text/html
last-modified
Sun, 19 Jan 2020 08:12:10 GMT
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae59df00001776e38f7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n1N8bOVmvtMLl%2FwzY%2FKH41238X1lCZ32win%2Br9Rh%2FIW0aWGwTj03D13AD0U0%2FFNd2G9je3lcdU5%2B7R0Z7sLwwg312Io3ZHkryrqtX0sBla2C5NYBWh4DEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19a2fc641776-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_728x90.html
null88.com/banner/ Frame 399B
555 B
518 B
Document
General
Full URL
https://null88.com/banner/aads_728x90.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/728x90.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1063c4327c4d67eed0961d9dfc41d607c90321cb696e505cddcd9d717253811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
null88.com
:scheme
https
:path
/banner/aads_728x90.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:20:06 GMT
content-type
text/html
last-modified
Sat, 22 Feb 2020 06:36:18 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae59e000004e7fed0fb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8kxUMnKJBYBeU6JCgVwS1RQ%2FSLsK%2F9r6tE%2B3t1AVEPbmG8Na7jeX%2BboZm3kW1lwQ%2Flo8K6qudptCqg%2Bi2%2FaVG10kJyfLrmpyx8ObDlZjEX%2BCrAiOGagG"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19a2f86d4e7f-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_728x90.html
thehacker.co/banner/ Frame 639A
0
0

aads_300x250.html
mrhacker.co/banner/ Frame 06E7
0
0
Document
General
Full URL
https://mrhacker.co/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x250.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:20:06 GMT
content-type
text/html
last-modified
Sun, 19 Jan 2020 08:10:22 GMT
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae59e500001776ec38d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ntj5ciCT%2F8Ja%2Fa6QpKwTm6K30jknpBu1eDv8mP2YEZrvrGOC1SAWwVcd42RsCPzfFhLc7uwRtJXouvbfeU4SALdPhyZdOiW1TeuWRuGUzL9TxSlAiWlM7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19a30c701776-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_300x250.html
null88.com/banner/ Frame 67D5
558 B
486 B
Document
General
Full URL
https://null88.com/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linklite/300x250.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff3c131212b8c54e4fef81437dd815acba30e979a4e811a5a1174250e548bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
null88.com
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsxyz.com/

Response headers

date
Fri, 21 May 2021 13:20:06 GMT
content-type
text/html
last-modified
Sat, 22 Feb 2020 06:34:19 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a30ae59e500004e7f3dbe7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MiMGXl%2ByjNxdS1NGpJaUXJ2z298e3CJD5iyVxzZbLouAFuXtMHM6vpfCjwvcaOYpSlpP%2FHBBLYey4wl1QjLSeRzIab7pVgktHYZhmGIPLq4OhmQGSMvS"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
652e19a3087d4e7f-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
aads_300x250.html
thehacker.co/banner/ Frame 387C
0
0

runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3AA8
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mrhacker.co/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 21 May 2021 13:16:38 GMT
expires
Sat, 21 May 2022 13:16:38 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
207
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js
pagead2.googlesyndication.com/bg/ Frame 3AA8
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 12:40:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
2346
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5784
x-xss-protection
0
expires
Sat, 21 May 2022 12:40:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=4309633950982047&bg=!9_Sl9LDNAAZ7hX_Ue4U7ACkAdvg8WhpD1sw3GscyzrxWcFqk43aNek32q8-phH55DJTrEXsVkS6DJQIAAABkUgAAAAhoAQcKADvho2CGe8hmyzae1bQtW4aF9FBiRIwwwOasuYl-xeSZXf44clLXA5FG_RUCuqxmHuNW_S5GlVymW3ZmypkCOwMszg_aQh4DMLN__2E8KiNmSkDJjsRaP5wvo_JtCVs8hN0NIwkkETAqxW4v2tTmj3nZz-PQsC26Yux_HeHBaz-q-aidvuTidZXHDj8Omfhm2ogyGwLH1GjIoQf_v6RRENKgjsZq8an3fpOd1giD0PE0cllVlaDeWuxwVGUTzJHD6kYnJI1rTwwMTDGcRlVSG7-k54rBp6KWdNsuhPXWIrBRBtwYaCdLX8CSnYaiqPI6W9G6Q3iEkJUbkFmY5sl0wWcsJSvh0fiMUWm3BhXEA-l1Ik31Zjw8PpWSbSv59ytdbaZ0DWytrVXK4g31ekZ0B4mK2Mw1d3qlj2imxW6CdUCW4ZkY0E5_Jj7fz6W5o_DSDrJZLTF8kxCw9D6xCIdVvB6rpuXeLeCTsfhrGuRgtfGjvbiX63lkCCDCxhfzInc25ncmEYvukkr0-S5kPEuoGPW4KSu42nmC6BI5iony6Fv0BaDJ5NJT1uvFuzkZbhhk44Ht7yffFqR8ClCwXkp9_-RiHz-nQrDsC3P8eQsxnyVMsvR7MDQTxxj9e4bsXleyN_U0vNtPqotE4yqSmKX15lVnDoCUAzPffw1oIcS7LMVv4X217uzyELsh_fecEJBcT9DDBmJVA48izDkVjV5n2-OtOAYU8FUncj2uSLKJBQtL2C_najJ7YxoFL72a0zLi8VI1qPZHOztUEYcmmLz7rc-90YBzzY1GIrKr6kekV7fM7q8knpTs3PE-XaPCPJkPZBvNxGCu2Yh3-3g
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 May 2021 13:20:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1331411
ad.a-ads.com/ Frame F1DC
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1331411?size=320x50
Requested by
Host: null88.com
URL: https://null88.com/banner/aads_320x50.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
ad403881e498103baa495e0fd5d746b99d91472e739365cee316eb759a51604a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://null88.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://null88.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 21 May 2021 13:20:05 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://null88.com/
Content-Encoding
gzip
320x50
static.a-ads.com/a-ads-banners/138213/ Frame F1DC
147 KB
148 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/138213/320x50?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1331411?size=320x50
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d6e20a756f3c205262dc72d4a953e95141a1693e1ddff84fabf75231f20ae756

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:20:05 GMT
Last-Modified
Fri, 05 Feb 2021 15:50:55 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
CCF450255EFE4ECF
ETag
"28a040eefb5d87799641b0f78bb1a97e"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
150942
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
9ysqKy7bvNDco1hr3kOkvwuabuQR9lhwjIIttzfCVzLntiAmLmVv1j3hZx+dzZl2TzkVbN/P0Rg=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1331413
ad.a-ads.com/ Frame E0A0
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1331413?size=728x90
Requested by
Host: null88.com
URL: https://null88.com/banner/aads_728x90.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
2d15415d269f3fd6995b8b17d82c24bb2697d506ab170e5cb703a3ade43b189c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://null88.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://null88.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 21 May 2021 13:20:06 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://null88.com/
Content-Encoding
gzip
1331410
ad.a-ads.com/ Frame EAEF
7 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1331410?size=300x250
Requested by
Host: null88.com
URL: https://null88.com/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
e17aed066a99a815c82333c38bb33ba964de839312eb1d57254a49af64557732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://null88.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://null88.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 21 May 2021 13:20:06 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://null88.com/
Content-Encoding
gzip
728x90
static.a-ads.com/a-ads-banners/116326/ Frame E0A0
46 KB
46 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/116326/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1331413?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1056ffa10b231310cc322a456a9be9de5d0d52c2fb0982c71f8aabdb9242bf89

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 13:20:06 GMT
Last-Modified
Wed, 08 Apr 2020 19:37:58 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
27CDC9B937884B1B
ETag
"4a8bdf5e9cb0308423c0d0f055b7064d"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
46934
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
1MZp97rkQ00bzlhE9Db9XhB7EHlthNJ5
x-amz-id-2
peVT+//O7hZUdc/9udfvNN09QyhjhyFoZgQsYVVxwLSyS6iTH8sx0RCINzS2LxOjgjQegq4b6Uw=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-7952463575870072&su=mrhacker.co&doc=complete&pg_h=9724&pg_w=1600&pg_hs=9724&c=3&aa_c=0&av_h=200&av_w=1021.359&av_a=204271.875&s=877&all_s=877&b=6209&all_b=6209&d=0.062&all_d=0.062&ard=0.039&all_ard=0.039&dt=d
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 May 2021 13:20:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
thehacker.co
URL
https://thehacker.co/banner/aads_300x250.html
Domain
thehacker.co
URL
https://thehacker.co/banner/aads_300x250.html
Domain
thehacker.co
URL
https://thehacker.co/banner/aads_320x50.html
Domain
thehacker.co
URL
https://thehacker.co/banner/aads_728x90.html
Domain
thehacker.co
URL
https://thehacker.co/banner/aads_320x50.html
Domain
thehacker.co
URL
https://thehacker.co/banner/aads_728x90.html
Domain
thehacker.co
URL
https://thehacker.co/banner/aads_300x250.html

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| et_site_url string| et_post_id function| et_core_page_resource_fallback undefined| $ function| jQuery function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_lpabyc object| __twttrll object| twttr object| __twttr object| google_tag_manager string| disqus_shortname string| disqus_title string| disqus_url string| disqus_identifier object| google_tag_data string| GoogleAnalyticsObject function| ga object| addComment function| ResizeSensor object| monarchSettings object| NiceScroll object| jQuery112408050919388576121 function| retinajs function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| _abort function| _error function| _start function| _process_inline function| _process_image function| _show function| _format_title function| _process_title function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _draw function| _get_viewport function| _get_zoom_to function| _get_obj_pos function| _get_zoom_from function| _animate_loading undefined| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto object| boxzilla_options object| Boxzilla function| disqus_config object| DISQUS function| addEvent object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| disqus_recommendations_config object| DISQUS_RECOMMENDATIONS boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16216031991226 object| vglnk undefined| vglnk_16216031997187 undefined| vglnk_16216031999499 function| BezierClass number| a object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
console-api log URL: https://mrhacker.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
abs-0.twimg.com
accounts.google.com
ad.a-ads.com
adservice.google.com
adservice.google.de
adsxyz.com
apis.google.com
c.disquscdn.com
cdn.syndication.twimg.com
cdn.viglink.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
disqus.com
ejp.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
glitter.services.disqus.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
io.narrative.io
links.services.disqus.com
live.rezync.com
mrhacker.co
mrhackerco.disqus.com
netdna.bootstrapcdn.com
null88.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
platform.twitter.com
referrer.disqus.com
secure.gravatar.com
ssl.gstatic.com
static.a-ads.com
syndication.twitter.com
tempest.services.disqus.com
thehacker.co
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
thehacker.co
104.244.42.200
104.244.43.131
13.32.25.30
151.101.0.134
151.101.112.64
151.101.14.49
172.217.18.98
172.217.23.98
185.33.221.53
193.0.160.128
199.232.196.134
2600:9000:211e:ae00:6:8656:f5c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3030::ac43:90aa
2606:4700:3032::ac43:9332
2606:4700:3036::ac43:c75c
2606:4700::6810:125e
2606:4700::6810:a40d
2606:4700::6812:bcf
2a00:1450:4001:801::200a
2a00:1450:4001:802::200e
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:828::200d
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:2638:1::13
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
35.244.174.68
54.170.163.171
85.10.201.130
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
008486e16a9d59747c3d9fb4a395d3294ad33a0de83224207f6f743c6dfd54e7
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
090b57d2ba8067994e94dadb6fea5c934c4bd4c38f516c9e7fc29dd8387d5d88
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
0eea965a55fc297d75f2fdef62dd870c90e0e7446cb21d90c95c8f38869a07bd
0fe5e6637bcd2b45a416c7ee538f31244be004fca119a5313c0853ece7ca9e5c
1056ffa10b231310cc322a456a9be9de5d0d52c2fb0982c71f8aabdb9242bf89
15faa1474d3b7960386ebb250853bb66826a113ed0355cd62c292b7172d19d5c
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
212e1c98ec4ce2591c8a5f28bb4cb861bcddad6d35fde87415aff0cb36f6c583
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
23447fb0d238c3cd29ee8eae3e95bcf257f7206216902e063c38f9392729446f
23da523a0ffff334fe2ed33b683579bc44b55c457ab79e4934a1873c7e5e0541
258b127e4eb9e53b133dfb338b4427092f9bbb3a7168a225201fd701c753dc14
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
263627ec362c25037d69022de008fad33cf85ec7267604a5ae5c8e6fe4ad9e38
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774
2a89cc296752a1ce335a801d1bfdcea7c48247dc0e9045e14026939d6d649032
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d15415d269f3fd6995b8b17d82c24bb2697d506ab170e5cb703a3ade43b189c
2e84aaf06139c7610a7c716bb9fd310dea3e427aa77c678719f34b8d14d569ef
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d
3148d6f31758ea6c9a845310897e70f05595108097759f6992cb416021a93a6e
33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b
35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
399f4c281a2defa4e1b77f494f9af7d72813dbd69376f480dde8a1ae6ecc6a67
3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa
3e469f62fcee473e6b944a3c83d212c10e8cf481f42748587121061f561a8d00
3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c
45a87095cd83714673208e7b8b1aafdadfa4ef4898044dea56135d9faba6aa64
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
47c092a55edafc4fc6e61f4160240336a168508c6002ed14f61572dda08f4ca4
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b06f137b58e9c4a6c99203d89bdd07b5f038a5c4e3111ef37aca9737a73e87c
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
4d02459457d4bd5904269232670f101bbe71b002ab7ff705fdc3b81628376c53
4e6a70928f3b57e1834c37870126c0c40eeab951a310ea057dc987d6f71247bb
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
51efcb98223b7a4f4e1553657b36fd2322014e2c60e3e015c8b8221f8622b31a
52415b65b808c23ba1578c46b4b397fdaa4f979c8ae04dc1bd2b9cd96d4230fb
59e054acacbce0cfc6b7329639eb4ad898676b507b93a2b8a843ec7b5bd61202
5ea079e618336d0992da0cdc0497b4a697215879d7a207697080c90225acce15
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69a6db247b1ef20d66a372d955df476bdf1942d6731e4edd5fc4a51663b276d1
6a76f4bba8f5f4895c3aa44d243a16e8b3ae0d9b53a2cefa06b10480c5df6575
6d5adcbf950fefdb94dc0bc4becc0c6204a6fec560adb3665b803b2124c9476e
6d69c9489b46e8d8ef12d84e296f9cf210782ddcfcd81d48834b7e847c5ca8de
6f7eca3f99ce39f0220940a4eeae70037446bd11337e6f2bf3ec0e108a92e882
70dfcd6c13453caef5a19f4e202e078bd898ad5207201c635962873a749f1d31
7205183b49f075b10dae46f88fb41a28670fe4c0a746ed2ca60c0c3b7819cde9
722120b3a4b0aa8f8c03765a247157fe356f12e1899bbc2acb3362485b0935bc
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
7519e61aea4f2c775a819496a69370040c9fdbf229fd19e5be139e79be481a23
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
7b5a69f728a7160605b396d9e4411856db9e4d9bbcd4b830cd946da9aee455af
7e2377067504553946e798b718389582701636c22404c882d363c4d1468cd662
80c55181d1ba4131913f39eef192443f4b069f85fb92a0e0d20115f9306911c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a533b2f001d4d30d190e2cbf285dc6ca675eb533976ac5f22f165ba24fce6bc
8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc
8ba2cea0dfdf4ca120822280b0a8c53179eb36cce15b9a17069bda2e3d82cdd3
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8ff3c131212b8c54e4fef81437dd815acba30e979a4e811a5a1174250e548bcb
90758ffccd0b37b56cb20b2edc437a57ffccb585ff72800febcf00bb4d498c6a
926cb0eb3abf09a081ba1960a7e54f9f47da5561d50b17a967d95db2c8022e47
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
96b98029e7f5f6da84f1a964d9ba759af3a7f6c94c5459807f37aee40f1230d5
978c66cb935cca183ddebe17950e90ed219c6f1b30f90de271fa40a722bc62b6
99459a8b9fe5d6be694668cbda2837bf588d4d5ca6b4c066b68bbf5ba85a3814
9a0dbaa875550446e24f258eb684cce8bb6a0ee8ed88d857c5d3aecadef479ca
9d511d7e2069be02e6fa21b47e92a0c0c903f9dc5acc2a8c6ff841f1cbd39715
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9f039f992afd10a0f6f68802b13f82ce6d453d50b9295e8c63ea3d4f60b4da35
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a12ca33d8d830307063bfa9ac879b3c785ab08c34aae754a6c900de2337b241c
a2d1cd847d14b321ef7202052128ad6491b05518a2830abc0f0927f9f81a0ee8
a3395d12bcb27e81ca17efb2159f55937492bceafea7713ca61534f340d6f202
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68091c3a89ef3d42bdf172776721fade92cbc1bf09821205f1a2370a3f7c3a9
a7733d7cdf5627664c2672c9101d56d3c6e7f5351fe10353a25dea90eb3fd2ca
a7d14b983e535139708c6526fcd9c46fb986f2a9e77fba33da4b811bab6dac9a
a81b39817e5ed4efd3571edbe7f33ff1d4e88fd958d7067c7be05d0c0d1e861f
a94135d4a9ed7fa3af64af87091a356f4f629d359a7e0ee08ad0aa379d5ed1c2
a964efeb641d284f29a57b510bffea162f63e301cd3914273f8623c0dcf48909
aaa36800c0f3ebbd7c4a5a3900810e695d613220dcf5e4673acc3e82161e44c6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc146648ca4f22a5e4083944c3eb3962982ac57cb5043ee75b78edaa987d1ff
ad403881e498103baa495e0fd5d746b99d91472e739365cee316eb759a51604a
af41dbc4e562110814632b039b6441559294bda49ba486114c264b9cdc2ac937
b1063c4327c4d67eed0961d9dfc41d607c90321cb696e505cddcd9d717253811
b264ca556a09a341d7d8c2ee64e63e0003b32c24ff4ce2b64c202e5b6ab140f7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be2f847a9ed9057023a6d05f276f8074b76c95064a7220bacd8195eb7df7896f
c050671286ff22d29215d2ecf081a85337b164bdc007e6d342b47f39ef11a339
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5b8a61b7114f9131b2c26131527d5ea955e8fc57c3989b92f7ab781473db139
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6737086b7d5121d9b73988c310046850799d3a354fe2d78fd64d797a417d011
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c9786046b4ef00eb2e915fe8504b786887370bcb0eb7540d1ac16b059fdef531
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cc28c1cae7fbe099cd302bbd11f2a3d569f6bde24d976bce9ed9d4ce08c203bb
cd3da7289c7060c9c0d7fc2b4417c039e7afa7121fa13db83a87f38b1a29dd10
ce609a18ff66b8f8d0318be227f176f99e3de7ee383253b1b4e9a1caa230afac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14249854f89bfc3d438d887833ac7ec8f86f7070a683454e325d3b54810ce11
d2487430c6774a4281f18f4b59a3e3211be1e62fbc717721bea809cb5e3ffb97
d309618347368b498f6cd50c4110fbaaafafed5ba9fd992ff1bbcf45df8a0b2d
d6e20a756f3c205262dc72d4a953e95141a1693e1ddff84fabf75231f20ae756
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
db1b8da1dada254a423ac3fb0b3bf4b0dd8ffd3b6aad429bdc5aef431d3de557
db75b790206a2694094f8cae3da3176a7086f929e4f41c3fafe6e07490dc4a87
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
e0cdcd18df62db5dab7fc26e2f03e5835191e4015f30c7b27783c49c9023273e
e17aed066a99a815c82333c38bb33ba964de839312eb1d57254a49af64557732
e266ee79702331906d5cf3925aca935801736d96f27d5226b008f24ba87009e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a8655a1977de85a130a0abd6c324374663a8420bb69f7a965e3e58ccbe3d0e
eb9315f962903cb24ab239dcdae975290ddcf3a6c74292bfc2ac207a91a7cd5b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd0e00c83c57326a376b8037ffddc324a5fbaae13461d9260b96efa69265d42
eff375bcaf5be11fa1dc1a790adf44eaebb863577195fc88707ae50ed9da26c3
f061c6836f4de43ab0b492cce4b4a22af4ea18b03c195343cbb447ebb2b167f7
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f3e57f67a280ceb0579775cfca1f5e4575c008e2fa0975db6d3c55da1f86aaae
f493c9cdcc3bd4b86124a98a6da5f57a04d38a46fc748116bb744064b001532b
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
f86b01a41a36b02b05e17d936f4d3aedb0752211d5fbfe1f9c054f0f1965fa71
fa490f8b07896cc8eccac441b9fdfe2cb353a61b72e9866a01729d75bf4bed12
fb81d4108d1a485047b260bd9736c2c8ef105b1f56ead03c7d7f2a8811b3a6bc
fbd48e204da7cd0b22bde95b2df2b86c87f0f7cfc2e669e6a3567f2abb7d2ace
fe806972ff7a354edfe5482663f51a336ed6d9fc28231c8ac84742f8ce036a53
ffa907d826f82968612e5a325704a5cc38330a791049b23da9725a6609e22538