book.hacktricks.xyz Open in urlscan Pro
172.64.147.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://book.hacktricks.xyz/windows-hardening/av-bypass/
Effective URL:
https://book.hacktricks.xyz/windows-hardening/av-bypass
Submission: On December 06 via api (December 6th 2024, 8:21:10 am UTC) from NL — Scanned from NL

Summary HTTP 155 Redirects Links 76 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 155 HTTP transactions. The main IP is 172.64.147.209, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is book.hacktricks.xyz. The Cisco Umbrella rank of the primary domain is 843296.
TLS certificate: Issued by WE1 on October 19th 2024. Valid for: 3 months.

This is the only time book.hacktricks.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 128	172.64.147.209 172.64.147.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:264... 2600:9000:2644:ae00:1e:5c56:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
4	172.64.146.167 172.64.146.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:249... 2600:9000:2490:7200:e:e47a:54c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
9	2600:9000:249... 2600:9000:2490:ce00:e:e47a:54c0:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
155	10

128 172.64.147.209 (San Francisco, United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

book.hacktricks.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
129538173-files.gitbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2783428383-files.gitbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:ae00:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.146.167 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

integrations.gitbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.gitbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.gitbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:7200:e:e47a:54c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.iframe.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2490:ce00:e:e47a:54c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.iframe.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
123	hacktricks.xyz 5 redirects book.hacktricks.xyz — Cisco Umbrella Rank: 843296	6 MB
13	fontawesome.com ka-p.fontawesome.com — Cisco Umbrella Rank: 3310	6 KB
10	iframe.ly cdn.iframe.ly — Cisco Umbrella Rank: 28942	8 KB
5	gitbook.io 129538173-files.gitbook.io 2783428383-files.gitbook.io	1 MB
4	gitbook.com integrations.gitbook.com — Cisco Umbrella Rank: 187027 app.gitbook.com — Cisco Umbrella Rank: 97037 api.gitbook.com — Cisco Umbrella Rank: 86259	7 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 12293	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	557 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4108
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	109 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 6429	2 KB
155	10

	Domain	Requested by
123	book.hacktricks.xyz	5 redirects book.hacktricks.xyz
13	ka-p.fontawesome.com	book.hacktricks.xyz
10	cdn.iframe.ly	book.hacktricks.xyz
4	129538173-files.gitbook.io	book.hacktricks.xyz
2	api.gitbook.com	book.hacktricks.xyz
1	2783428383-files.gitbook.io
1	app.gitbook.com	book.hacktricks.xyz
1	www.google.nl	book.hacktricks.xyz
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	integrations.gitbook.com
1	integrations.gitbook.com	book.hacktricks.xyz
1	static.wixstatic.com	book.hacktricks.xyz
155	13

This site contains links to these domains. Also see Links.

Domain
training.hacktricks.xyz
twitter.com
www.linkedin.com
github.com
cloud.hacktricks.xyz
hacking-printers.net
www.gitbook.com
srv.buysellads.com
discord.gg
t.me
www.stmcyber.com
www.youtube.com
youtu.be
discord.com
antiscan.me
www.twitch.tv
en.wikipedia.org
gist.github.com
rastamouse.me
www.llvm.org
securityintelligence.com
avred.r00ted.ch
www.uvnc.com
i.imgur.com
astr0baby.wordpress.com
www.blackhat.com
www.labofapenetrationtester.com
niiconsulting.com
policies.gitbook.com

Subject Issuer	Validity	Valid
book.hacktricks.xyz WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.wixstatic.com R10	`2024-11-14` - `2025-02-12`	3 months	crt.sh
gitbook.com WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
*.iframe.ly Amazon RSA 2048 M03	`2024-09-23` - `2025-10-22`	a year	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.nl WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
gitbook.io WE1	`2024-12-04` - `2025-03-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://book.hacktricks.xyz/windows-hardening/av-bypass
Frame ID: 692B156B652CAE66C2C9086F577F72F4
Requests: 145 HTTP requests in this frame

Frame: https://cdn.iframe.ly/6vtHQHG
Frame ID: 9BA399498FD065A56DB2BE11B1413223
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/4vQfee1
Frame ID: 5BF3E223CA886FBA5276EA1193F9DE76
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/21WBdCD?app=1
Frame ID: 484722ABB7750ED03C0DDB1DFA1C966F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/6vtHQHG
Frame ID: DA25DF1F4F99AC6D7BD5C35658FE183B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/4vQfee1
Frame ID: 70995195D7916A4A24A2602AE395314A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/21WBdCD?app=1
Frame ID: 8FE46C3E1B81F357870D5372F51610E7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/6vtHQHG
Frame ID: 10F6799A3563277E9208D0B457F06A98
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/4vQfee1
Frame ID: D269C9DCF3660B5DB2EB319F5C1AB5B2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/21WBdCD?app=1
Frame ID: 83821DC4EDDF33A7E1A85DA547AE8D0D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Antivirus (AV) Bypass | HackTricks

Page URL History Show full URLs

http://book.hacktricks.xyz/windows-hardening/av-bypass/ HTTP 307
https://book.hacktricks.xyz/windows-hardening/av-bypass/ HTTP 308
https://book.hacktricks.xyz/windows-hardening/av-bypass Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

155
Requests

97 %
HTTPS

80 %
IPv6

10
Domains

13
Subdomains

10
IPs

3
Countries

8091 kB
Transfer

13274 kB
Size

8
Cookies

76 Outgoing links

These are links going to different origins than the main page.

URL: https://training.hacktricks.xyz/courses/arte
Title: HackTricks Training

Search URL Search Domain Scan URL

URL: https://twitter.com/hacktricks_live
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hacktricks
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://github.com/sponsors/carlospolop
Title: Sponsor

Search URL Search Domain Scan URL

URL: https://cloud.hacktricks.xyz/pentesting-cloud/azure-security/az-lateral-movements
Title: Pivoting to the Cloud

Search URL Search Domain Scan URL

URL: http://hacking-printers.net/wiki/index.php/Main_Page
Title: Pentesting Printers

Search URL Search Domain Scan URL

URL: https://cloud.hacktricks.xyz/pentesting-cloud/kubernetes-security
Title: Pentesting Kubernetes

Search URL Search Domain Scan URL

URL: https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology
Title: Pentesting Cloud (AWS, GCP, Az...)

Search URL Search Domain Scan URL

URL: https://cloud.hacktricks.xyz/pentesting-ci-cd/pentesting-ci-cd-methodology
Title: Pentesting CI/CD (Github, Jenkins, Terraform...)

Search URL Search Domain Scan URL

URL: https://www.gitbook.com/?utm_source=content&utm_medium=trademark&utm_campaign=-L_2uGJGU7AVNRcqRvEi
Title: Powered by GitBook

Search URL Search Domain Scan URL

URL: https://github.com/HackTricks-wiki/hacktricks/blob/master/windows-hardening/av-bypass.md
Title: Edit on GitHub

Search URL Search Domain Scan URL

URL: https://srv.buysellads.com/ads/click/x/GTND427ICKBDPKJICEYLYKQUCKBDTK3NCVSIVZ3JCA7IC53MCEADC2JKC6BI627YCEYI45QJFTBI653UCEAD553NHEYI5K7ICESI6K3ECTNCYBZ52K
Title: Frontend Masters – Master Web Development Skills with Expert-Led Courses!

Search URL Search Domain Scan URL

URL: https://www.gitbook.com/?utm_source=content&utm_medium=sponsored-by-gitbook&utm_campaign=-L_2uGJGU7AVNRcqRvEi
Title: Sponsored via GitBook

Search URL Search Domain Scan URL

URL: https://training.hacktricks.xyz/courses/grte
Title: HackTricks Training GCP Red Team Expert (GRTE)

Search URL Search Domain Scan URL

URL: https://discord.gg/hRep4RUj7f
Title: Discord group

Search URL Search Domain Scan URL

URL: https://t.me/peass
Title: telegram group

Search URL Search Domain Scan URL

URL: https://github.com/carlospolop/hacktricks
Title: HackTricks

Search URL Search Domain Scan URL

URL: https://github.com/carlospolop/hacktricks-cloud
Title: HackTricks Cloud

Search URL Search Domain Scan URL

URL: https://www.stmcyber.com/careers
Title: Careers | stmcyber.com | penetration testingstmcyber.com

Search URL Search Domain Scan URL

URL: https://twitter.com/m2rc_p
Title: @m2rc_p

Search URL Search Domain Scan URL

URL: https://github.com/rasta-mouse/ThreatCheck
Title: ThreatCheck

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLj05gPj8rk_pkb12mDe4PgYZ5qPxhGKGf
Title: YouTube playlist

Search URL Search Domain Scan URL

URL: https://youtu.be/StSLxFbVz0M?t=1439
Title: https://youtu.be/StSLxFbVz0M?t=1439

Search URL Search Domain Scan URL

URL: https://twitter.com/mariuszbit
Title: @mgeeky

Search URL Search Domain Scan URL

URL: https://discord.com/servers/red-team-vx-community-1012733841229746240
Title: Red Team VX Discord

Search URL Search Domain Scan URL

URL: https://github.com/Cybereason/siofra
Title: Siofra

Search URL Search Domain Scan URL

URL: https://github.com/Flangvik/SharpDllProxy
Title: SharpDLLProxy

Search URL Search Domain Scan URL

URL: https://twitter.com/Flangvik/
Title: @flangvik

Search URL Search Domain Scan URL

URL: https://github.com/EgeBalci/sgn
Title: SGN

Search URL Search Domain Scan URL

URL: https://antiscan.me/
Title: antiscan.me

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/videos/1644171543
Title: S3cur3Th1sSh1t's twitch VOD

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=3eROsG_WNpE
Title: ippsec's video

Search URL Search Domain Scan URL

URL: https://github.com/optiv/Freeze
Title: Freeze

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Fileless_malware
Title: fileless malware

Search URL Search Domain Scan URL

URL: https://twitter.com/mattifestation
Title: Matt Graeber

Search URL Search Domain Scan URL

URL: https://gist.github.com/r00t-3xp10it/a0c6a368769eec3d3255d4814802b5db
Title: Github Gist

Search URL Search Domain Scan URL

URL: https://twitter.com/_RastaMouse/
Title: @RastaMouse

Search URL Search Domain Scan URL

URL: https://rastamouse.me/memory-patching-amsi-bypass/
Title: https://rastamouse.me/memory-patching-amsi-bypass/

Search URL Search Domain Scan URL

URL: https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell
Title: this repo

Search URL Search Domain Scan URL

URL: https://github.com/h4wkst3r/InvisibilityCloak
Title: InvisibilityCloak

Search URL Search Domain Scan URL

URL: https://github.com/obfuscator-llvm/obfuscator
Title: Obfuscator-LLVM

Search URL Search Domain Scan URL

URL: http://www.llvm.org/
Title: LLVM

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Obfuscation_(software)
Title: code obfuscation

Search URL Search Domain Scan URL

URL: https://github.com/andrivet/ADVobfuscator
Title: ADVobfuscator

Search URL Search Domain Scan URL

URL: https://github.com/fritzone/obfy
Title: obfy

Search URL Search Domain Scan URL

URL: https://github.com/weak1337/Alcatraz
Title: Alcatraz

Search URL Search Domain Scan URL

URL: https://github.com/a0rtega/metame
Title: metame

Search URL Search Domain Scan URL

URL: https://github.com/ropfuscator/ropfuscator
Title: ropfuscator

Search URL Search Domain Scan URL

URL: https://github.com/icyguider/nimcrypt
Title: Nimcrypt

Search URL Search Domain Scan URL

URL: https://github.com/klezVirus/inceptor
Title: inceptor

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/NTFS#Alternate_data_stream_(ADS)
Title: NTFS Alternate Data Stream

Search URL Search Domain Scan URL

URL: https://github.com/mgeeky/PackMyPayload/
Title: PackMyPayload

Search URL Search Domain Scan URL

URL: https://securityintelligence.com/posts/net-execution-inlineexecute-assembly/
Title: https://securityintelligence.com/posts/net-execution-inlineexecute-assembly/

Search URL Search Domain Scan URL

URL: https://github.com/xforcered/InlineExecute-Assembly
Title: https://github.com/xforcered/InlineExecute-Assembly

Search URL Search Domain Scan URL

URL: https://github.com/S3cur3Th1sSh1t/Invoke-SharpLoader
Title: Invoke-SharpLoader

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=oe11Q-3Akuk
Title: S3cur3th1sSh1t's video

Search URL Search Domain Scan URL

URL: https://github.com/deeexcee-io/LOI-Bins
Title: https://github.com/deeexcee-io/LOI-Bins

Search URL Search Domain Scan URL

URL: https://twitter.com/DaniLJ94
Title: @ATTL4S

Search URL Search Domain Scan URL

URL: https://github.com/dobin/avred
Title: avred

Search URL Search Domain Scan URL

URL: https://avred.r00ted.ch/
Title: https://avred.r00ted.ch/

Search URL Search Domain Scan URL

URL: http://www.uvnc.com/downloads/ultravnc.html
Title: http://www.uvnc.com/downloads/ultravnc.html

Search URL Search Domain Scan URL

URL: https://i.imgur.com/1SROTTl.png
Title: popup

Search URL Search Domain Scan URL

URL: https://i.imgur.com/rfMQWcf.png
Title: the config window

Search URL Search Domain Scan URL

URL: https://i.imgur.com/oc18wcu.png
Title: popup

Search URL Search Domain Scan URL

URL: https://github.com/GreatSCT/GreatSCT
Title: https://github.com/GreatSCT/GreatSCT

Search URL Search Domain Scan URL

URL: https://gist.github.com/BankSecurity/812060a13e57c815abe21ef04857b066
Title: REV.txt: https://gist.github.com/BankSecurity/812060a13e57c815abe21ef04857b066

Search URL Search Domain Scan URL

URL: https://gist.github.com/BankSecurity/f646cb07f2708b2b3eabea21e05a2639
Title: REV.shell: https://gist.github.com/BankSecurity/f646cb07f2708b2b3eabea21e05a2639

Search URL Search Domain Scan URL

URL: https://github.com/NotPrab/.NET-Obfuscator
Title: https://github.com/NotPrab/.NET-Obfuscator

Search URL Search Domain Scan URL

URL: https://github.com/paranoidninja/ScriptDotSh-MalwareDevelopment/blob/master/prometheus.cpp
Title: https://github.com/paranoidninja/ScriptDotSh-MalwareDevelopment/blob/master/prometheus.cpp

Search URL Search Domain Scan URL

URL: https://astr0baby.wordpress.com/2013/10/17/customizing-custom-meterpreter-loader/
Title: https://astr0baby.wordpress.com/2013/10/17/customizing-custom-meterpreter-loader/

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/docs/us-16/materials/us-16-Mittal-AMSI-How-Windows-10-Plans-To-Stop-Script-Based-Attacks-And-How-Well-It-Does-It.pdf
Title: https://www.blackhat.com/docs/us-16/materials/us-16-Mittal-AMSI-How-Windows-10-Plans-To-Stop-Script-Based-Attacks-And-How-Well-It-Does-It.pdf

Search URL Search Domain Scan URL

URL: http://www.labofapenetrationtester.com/2016/05/practical-use-of-javascript-and-com-for-pentesting.html
Title: http://www.labofapenetrationtester.com/2016/05/practical-use-of-javascript-and-com-for-pentesting.html

Search URL Search Domain Scan URL

URL: http://niiconsulting.com/checkmate/2018/06/bypassing-detection-for-a-reverse-meterpreter-shell/
Title: http://niiconsulting.com/checkmate/2018/06/bypassing-detection-for-a-reverse-meterpreter-shell/

Search URL Search Domain Scan URL

URL: https://github.com/cocomelonc/peekaboo
Title: https://github.com/cocomelonc/peekaboo

Search URL Search Domain Scan URL

URL: https://github.com/persianhydra/Xeexe-TopAntivirusEvasion
Title: https://github.com/persianhydra/Xeexe-TopAntivirusEvasion

Search URL Search Domain Scan URL

URL: https://policies.gitbook.com/privacy-and-security/statement/cookies
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://book.hacktricks.xyz/windows-hardening/av-bypass/ HTTP 307
https://book.hacktricks.xyz/windows-hardening/av-bypass/ HTTP 308
https://book.hacktricks.xyz/windows-hardening/av-bypass Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FXywFIidnKNlXurK0JkTw%252Fdll_sideloading_demo.gif%3Falt%3Dmedia%26token%3D51f829f3-2c76-48ff-baa0-8e9cda28d7e2&width=768&dpr=1&quality=100&sign=a5bb8a23&sv=2 HTTP 302
https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FXywFIidnKNlXurK0JkTw%2Fdll_sideloading_demo.gif?alt=media&token=51f829f3-2c76-48ff-baa0-8e9cda28d7e2

Request Chain 44

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FogNqFSNmZ066yHq7hgvQ%252Ffreeze_demo_hacktricks.gif%3Falt%3Dmedia%26token%3D14182ec0-ed87-4541-ad23-3f71d7f821f3&width=768&dpr=1&quality=100&sign=2362ab5f&sv=2 HTTP 302
https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FogNqFSNmZ066yHq7hgvQ%2Ffreeze_demo_hacktricks.gif?alt=media&token=14182ec0-ed87-4541-ad23-3f71d7f821f3

Request Chain 95

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FXywFIidnKNlXurK0JkTw%252Fdll_sideloading_demo.gif%3Falt%3Dmedia%26token%3D51f829f3-2c76-48ff-baa0-8e9cda28d7e2&width=768&dpr=4&quality=100&sign=a5bb8a23&sv=2 HTTP 302
https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FXywFIidnKNlXurK0JkTw%2Fdll_sideloading_demo.gif?alt=media&token=51f829f3-2c76-48ff-baa0-8e9cda28d7e2

Request Chain 97

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FogNqFSNmZ066yHq7hgvQ%252Ffreeze_demo_hacktricks.gif%3Falt%3Dmedia%26token%3D14182ec0-ed87-4541-ad23-3f71d7f821f3&width=768&dpr=4&quality=100&sign=2362ab5f&sv=2 HTTP 302
https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FogNqFSNmZ066yHq7hgvQ%2Ffreeze_demo_hacktricks.gif?alt=media&token=14182ec0-ed87-4541-ad23-3f71d7f821f3

155 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request av-bypass Show response
book.hacktricks.xyz/windows-hardening/
Redirect Chain

http://book.hacktricks.xyz/windows-hardening/av-bypass/
https://book.hacktricks.xyz/windows-hardening/av-bypass/
https://book.hacktricks.xyz/windows-hardening/av-bypass

3 MB
174 KB

52ms
52ms

Document
text/html

172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b24a7e0e2fd1795284365672d0c35049ceeee516476978d8c688aeb3d2fe634

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-ODg0Y2Y2NGQtMTg4Yi00NGY0LTk1MDUtNDI3YzhjM2EzYzQ0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 49529
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
cf-cache-status: HIT
cf-placement: remote-SJC
cf-ray: 8edadc407a5966db-AMS
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'nonce-ODg0Y2Y2NGQtMTg4Yi00NGY0LTk1MDUtNDI3YzhjM2EzYzQ0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 08:21:04 GMT
last-modified: Thu, 05 Dec 2024 18:35:35 GMT
link: </>; rel=preconnect; crossorigin=""
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFMa30VfMipeY5TxtghE1qam8Ek9K16MhxqZTWJoOnH45c3ei77SMl%2Bj%2B%2BB4pepdF9ADapiXq0UOrCNwck%2FXNyKl%2BaeeNvWeLZKVhk0lD1Xg44miTXIVcd0fN0Oqbvd3cEOaXryvcjPwclr2UhR%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-content-type-options: nosniff
x-edge-runtime: 1
x-gitbook-cache: hit
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
x-gitbook-version: 1005ee5
x-matched-path: /[[...pathname]]

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-placement: remote-SJC
cf-ray: 8edadc3f185d66db-AMS
content-length: 0
date: Fri, 06 Dec 2024 08:21:04 GMT
location: /windows-hardening/av-bypass
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bI9x7IT5mbR702BqzsaNhlEEnGH9DKHiWoKGzgUJh3UNToBK29WyF9g%2BLYsp25SasEJWgXmNpiztOPgMXH5OotErhtibI8RePZ0oy9Y6Rb1WiR8vTWfl99lu3kPgSSPvVtgpRe327wcmZz4EJ7AN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding
x-gitbook-cache: skip

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 2 KB
3 KB 145ms
144ms Image
image/avif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F2783428383-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fcollections%252FmuMguNrsRx2mNyNqEox4%252Ficon%252F1qCJ0VIDlWcvGSecYCDq%252Ffondo.png%3Falt%3Dmedia%26token%3D1e721267-450f-43f3-861b-6c4f93278e93&width=32&dpr=1&quality=100&sign=22d8bc3f&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55d3a1993be29f12cba95dcf42d9715efd32b022afcb9e8a42a24cf87e7f038c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cf6hrV0-Wz1IJC5daKjOedh3PKU6gqPBQBxcJz1GjfDQ:0dfdca69fb6688292d64ea565ef4750a"
age: 79056
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=60+15 c=0+15 v=2024.10.6 l=2364 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxM0sCv9L7ZBRgJTOo587X2Ect4ZDqByZa8oHp7iDI2UYY%2BjpExdA4GB1Lc5ZimBB%2B2qcd35KgEvGpZhfeH6m9H4SzrtH2iyxr6fDdjPgN%2BwIeDh1%2B4K7ftcocMfyzLzg41SJDwYXWdefkH1DsG7"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/avif
last-modified: Tue, 30 May 2023 19:34:17 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc40daa866db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2364
server: cloudflare

GET
H2 200 3143c3_922aaf9c0eca4b53aa244344583c598f%7Emv2.png
static.wixstatic.com/media/3143c3_922aaf9c0eca4b53aa244344583c598f%7Emv2.png/v1/fill/w_32%2Ch_32%2Clg_1%2Cusm_0.66_1.00_0.01/ 2 KB
2 KB 75ms
21ms Image
image/png 2600:9000:2644:ae00:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/3143c3_922aaf9c0eca4b53aa244344583c598f%7Emv2.png/v1/fill/w_32%2Ch_32%2Clg_1%2Cusm_0.66_1.00_0.01/3143c3_922aaf9c0eca4b53aa244344583c598f%7Emv2.png
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:ae00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.25.3.2 /
Resource Hash: 33274ab10484f765d37aa20e0b2351b078da4e1d4b20c03955b21f2224ed1598

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-amz-cf-id: w7q5AvmYAOCu5YTAN8ATbQHi7eJBw3XZ8eKkYP1VoMc0li9YC1GP4Q==
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
age: 3778858
via: 1.1 google, 1.1 41f78d12a2f737c8e7f8a05cb4262794.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-seen-by: image-manipulator-5f67fb55d4-tvfsc
content-length: 1744
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 14:40:06 GMT
content-type: image/png
x-cache: Hit from cloudfront
server: openresty/1.25.3.2
x-amz-cf-pop: FRA60-P6
wix-tracer: 2nqIv5jXUnvJpovhM3a7fABrswh

GET
H3 200 27629c7e89370ccb.css
book.hacktricks.xyz/_next/static/css/ 83 KB
6 KB 197ms
196ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/27629c7e89370ccb.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d4dd2307427b2c3627961d1c2c8ee40de95df9330be03b0c1bbe1d0c23079bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"0d749bc10adf52a6386164076f049187"
age: 69073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4aakYeDW%2B0f%2BaQLk2lCuTH7EwTq%2BFdgZ6fMGx8zOQJ7YevkQKtqdS3kCm4Ll3zBOGqAJLEQSmfKrmRC5luzDpHvMAgrEFVbNrE%2Fm3CTqt7zLRVox4w4GkfMRQzo9FD8fg71cHWZ7ebVwpxYy3Ko4"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40daa966db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 99f50cfb598d2941.css
book.hacktricks.xyz/_next/static/css/ 6 KB
2 KB 199ms
198ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/99f50cfb598d2941.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

292339afa6df803ce7fc3215663b3c22e250c3ee07a8ba221a3f250d66f3c729

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1def430ea4a9c808cbdb7d7970875196"
age: 107200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4Iy4aQyDUI8vXIeJCLM8u1o8M1XGQCx7V9pYgO2Pze3iIbx%2B0J7KOKwpT%2F0O%2F29irhEzVZBZfbRXfRKGFDmEi2l2txpy67oBVp22VMikWPrA4%2Fh7DUyJ5Mr28BxYuii9S2%2BZd95Px52f%2FRX%2BzrG"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40daaa66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 d42d805b938873da.css
book.hacktricks.xyz/_next/static/css/ 2 KB
1 KB 199ms
198ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/d42d805b938873da.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0923585726b1c442b4eea4c6d413f96228a31247249e7693aeea3cd08c6411e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1b85858f0c97b5c863bceb11a89dc36f"
age: 2572891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3RSmlrbYtmbJFp35OoISXGfTHZA8fOX4YRWb4rwR8xBV6%2F7OItyG8xmJspoQaWCqztj0Z6ljuezLJGgPmup96aUGpI6QdEaStupoIWpZl%2FLuO0pHPUwoHhoh87V3brTQmndwqrGclWNOIq9nzI8P"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40daac66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 a6ec6753cfef2c52.css
book.hacktricks.xyz/_next/static/css/ 106 KB
17 KB 201ms
200ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/a6ec6753cfef2c52.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d7ca962ff3fe3720a3f2f7693b7179b0d9d9d3f39d3cf21e37e89736f7b6d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c40cc5c1e05a51b472ca27ed90301072"
age: 43522
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a5etZcJj0lqynUyFZQxGZEMA%2Bt8XIB9h0jHYen%2B7mDtet0k9Qfa38zQW3h1PruG0678FPMczknIx4WMLR8VFdCzanjfVKl7f5eQjmWD640C9eFzD9%2BLU43WsQebDIwbD1Rva8VmAC2EodQ6qyvIo"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40daae66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 c311d6484335995a.css
book.hacktricks.xyz/_next/static/css/ 159 B
711 B 105ms
104ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/c311d6484335995a.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41f90d66e405853ca80d4d66f4bd8ea768a4a85b600ca29773c1c499b1e17933

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"364b2d277bf4a05a73929b8017a11307"
age: 2591920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ADO%2FtQ6XfL2egDBlmZ9rRC7ci7zplZAlR00FYE3JdRqY0H2A5xCcbitsufDJrwrQ%2F6xqrZSAgVQAUIQ7y4yaStl1hwAvbjGpud3Pehse9s9iF8rCM28YPdCdKps26lKV30yjCY%2FapiRrWx0tI8O"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40daaf66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 5a687dea857dc6f5.css
book.hacktricks.xyz/_next/static/css/ 2 KB
1002 B 200ms
199ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/5a687dea857dc6f5.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5a21135eee7aaea6067c49dd95606e4d7cd18da50e4adcb9ba7f27f7be48f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"51931c9b075b881dade0ac96d5fdc570"
age: 4584761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wwo5n9WxNgbI7Uv0bYGqWjt17k4d1kza8fI4PCj9Vlpbj7NI1T2OcZz3wxN%2Bjis1msVm0w5PpNF9rz1fa1RwXUo%2BoR3H0AZoLXY%2Fg9hIW9YUKLPy7227TQ39a0hQlc8Lz9d47zeH%2FMKaeT212uA1"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40dab066db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 7235fa9d119901d4.css
book.hacktricks.xyz/_next/static/css/ 28 KB
4 KB 203ms
202ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/7235fa9d119901d4.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c39457c52d0c8e364b6e85f6216840479aafd3840f5e1ec9e3875c114ce095c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"89f645acca45bfd06368ab4f93bdf7e4"
age: 839554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=juy2R9P3Ta%2F0OgIhHpk9zLXmJ4qw7ohPkxK0MMKzwXg%2F5usMLMWtlJmDC6xw9nekHV6DvRFJOXLa2saVM8HSJzzAXoBr4I4lc%2FfuQfqZv%2B2h7VMBoRrxoKGlnaWXM8y2eY8dFkNKoCigGkqo3fk0"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40dab366db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 86d6274f3e6d760c.css
book.hacktricks.xyz/_next/static/css/ 78 KB
6 KB 105ms
104ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/86d6274f3e6d760c.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c780179fdc6281a24a03367341c70e2bd004f4f352299aea60d978ba6845253

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c600b2ab2b7f888009bb0ec7eb0b025e"
age: 4578780
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pelWeQypADMlhzlvckxm3kwdlXGlLWU2NI4mY1f48hs9MXdt5EEO1ZMFnAB%2B1RBOlBXF8SQShVVNByevVF6ks9C5xyDowxPYxbCHhDHgrSIAMo7rjDar9nyOCGRgnh6PyEQ1xPaXkMqVC0HRtJlf"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40dab566db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 a91fbeec63857000.css
book.hacktricks.xyz/_next/static/css/ 146 KB
22 KB 203ms
202ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/a91fbeec63857000.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f912415e84ceb5a06689f96705479e1392fdcaae7507419c25b4b22a81806184

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"9d7b44db765d0e096b46b9f2c6374673"
age: 1452198
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vPF%2FZIwsphtyV3P55q%2FMBybpLatirx51aL7QSAZD5Ys4IRc4yIunJGGhNEk1DzOI1GAjpjeNSCaPCmmPdQAUHYj%2BvzGN%2FlRiO%2BSch5vo23Kn22i70uDTVwMbHAN8YLOsO9bGTPJU6xEIZpXm5GfZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40dab866db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 2d0986519abf0323.css
book.hacktricks.xyz/_next/static/css/ 9 KB
3 KB 204ms
203ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/2d0986519abf0323.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4a811ea1b7f2b15e2cfcea0409a3f300e559d3098bd4ff19f82a971e5c74068

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"ce9ad59d0bea3c06f01c53ffe9d62600"
age: 107200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8QfjshIieumw9axh1UG8WsRlgKqI97YAth0XOoiex53bfaCSMyPIsfUujUjnaoaHJcWp%2Bzqm6DCeMZQ0cX%2FtyvnqKdmgDwlYsToK2wKTwSp2XyQUvMDcxo9FtHpNv2rLENnwQUwKmMWGUjPF0Jc1"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40dab966db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 0f891de5863d7182.css
book.hacktricks.xyz/_next/static/css/ 139 B
733 B 105ms
105ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/css/0f891de5863d7182.css

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a65540109ec1e413cd9314ca8e3d8828fc8ea866765c189664e4b95f78307cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1c37a7a1d40c67136443657ad9b33dc0"
age: 2602153
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDftgybkPTjTuz5qLxISHlHb4Ap3oAqSRmnSjFLcUd5X00Qa1aEr4xR4jP1%2FZQIEnEeCb0HPZo%2B3Fk2rTcwCQN0E1oLcJVn%2Bvdneoh1BgO8%2BvXLMnwVC%2FDY6uqnN33oRVosjUXv4VG64SDb6SnV2"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40dabc66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 webpack-21fb00c223e55731.js Show response
book.hacktricks.xyz/_next/static/chunks/ 5 KB
3 KB 176ms
176ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/webpack-21fb00c223e55731.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1182ef07bf26e7c978fed77a9afe16522fdec0f111df240648494d4075c21fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8f0b9a65859d6415ff932d6c84166e94"
age: 1452198
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rY%2Fw7ix2mOmjxvzE7fhnKCILPX6UgXesKRl2eKgJJyXsB2iQ8qopatPTZoyiIdCsPJfn%2BKjGislrTBp49OW0vqi339%2F7jKVjLDZh%2Byq2o2p5yhnGC%2FLnXw8qM6aA0edSl9YmGK7PEc0OCkvOX7w4"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40eac566db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 1dd3208c-b11c3db6cd7d86b2.js Show response
book.hacktricks.xyz/_next/static/chunks/ 169 KB
53 KB 157ms
156ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eada73c016775094674c94215fd8248667b11479eeff9c2634e9b903cfb28dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c2687f84dd0cc3a42d6863412a432659"
age: 111924
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6KLtqTd4EgulNve2KYwb2u97STsNJcXlxnX9%2FxrKQ2SCk9qtVbk1VVkNgy6XNYp66FPqyamlAZr5d98WX7l77%2FHpscy2Z2S4GFQesPv06jkg5IwVQq32H3pR28vBdlOTXgcxBZIWTj70NM3JS6iF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40eac666db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 9978-293e379e3e1468f4.js Show response
book.hacktricks.xyz/_next/static/chunks/ 173 KB
48 KB 176ms
174ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6dafce9cdb0024fcb61013365544ac7e68dd9650f02a6a2c661b303cc980ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"208fb82e75b482c75f59c5477ee00990"
age: 107200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t7pDo1kLg9Yrk6MsGDfx0y%2BkzZQhRmYeESIDHx3gPDGLTyzdSDzu6LugG8AcPa8X7Fal29rGek1KGM%2Bjt3b5z35gZmvXmYa1%2BoqQOU1hjpvIMRhq9Y%2FUClOR6q1%2BXqH8pyWmek3VGhWPQRSk7xHD"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fac866db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 main-app-d2f90ea8bb63023f.js Show response
book.hacktricks.xyz/_next/static/chunks/ 978 B
1 KB 225ms
223ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/main-app-d2f90ea8bb63023f.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64891b51805db7030d5a2a4771cf459bfcbe89d694db4afa641dde6fb43dc9ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6ee29c4573386577560a0c18ed590078"
age: 59420
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JsAyDUVprsRSC9CchPcVz84vsOrPJwekBo2wIFX%2BbuJfmRr2thtFbaNgfJLZ5P1DVP8PDmHNBNIS9tpNsBYVUXHKu07yL08GYuSPGDONVofpQCp8jsgrFU8gPxxk0JA%2BIFLsGH13580FMnFKV4DY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fac966db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 global-error-19768e91f18f21d9.js Show response
book.hacktricks.xyz/_next/static/chunks/app/ 6 KB
3 KB 113ms
111ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/app/global-error-19768e91f18f21d9.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe489d4c9ac52d1c839a81e3d30ba5a571f3c19e6499194cb6a58ca88db74425

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"573bdd9339f452e843b110f535a8502f"
age: 3699401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nrOMmoiLmxzohJqLNyfOXv%2BVc1s7bj2vbAS0B%2FhlubdewV56YPkRa7CpyGbu3QiduttDueFEIWhx%2BJnteCcrzpmU2HrB%2Bod95nLjO0p6Nm5ZSaz33zBFf2XP53c8gj5WvxVQLInA9MTfI%2F67k92d"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40faca66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 b5d5b83b-3d9186fb60556c53.js Show response
book.hacktricks.xyz/_next/static/chunks/ 72 KB
22 KB 169ms
167ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/b5d5b83b-3d9186fb60556c53.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0007dacb56b8759bd82e3b92c7f6bb666a62e03a1311330d4d0b710f62456d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6fd3d2bbbc533feddfdd0c9f4df8794a"
age: 3699401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2UtPxORemtjZcvS%2FbWrH%2FR0GBFm0LXw99G5cIT%2BIHwKQuZt03xKHWTLE5OGEZzk3G8rvKCoWCYrGDCw5nBjpXvqwSx4kKQFFibSXht6MIU0uVkriwcWlz1%2B1Ajzepn5fmwT73seCB%2B1lhfRV4jTE"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40facb66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 7609-ae1015bd89577747.js Show response
book.hacktricks.xyz/_next/static/chunks/ 40 KB
14 KB 225ms
223ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/7609-ae1015bd89577747.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c446f7cec55334ce70922d7cea869633b1f7011872ef52dc506477cf5ab93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"cc9d7879158d7806b7de7a7764aaa3ef"
age: 2943230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LDpt3wD6jQ4MpRuewtg0v%2FzoHB466SV8Ymwj9QdVHu0o7Yg0q4K%2F81alSHD7%2B%2Bnr6eAeOPmRwOGmL1bFkiBGGQO3Wnb1K%2FpvpRtuMSsoHRL0K6O4AM3d2KyPjv8T7hDnFE%2F5429KCFtllpaGM1L"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40facc66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 1281-411df876b32e19c2.js Show response
book.hacktricks.xyz/_next/static/chunks/ 9 KB
4 KB 170ms
168ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/1281-411df876b32e19c2.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e86e1238beedf433b5bbb8589f06907ef13f4344cc544b7e0dcc76735103f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"9bab183636b70c644fda4a0a3b7a4799"
age: 753308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TjpwOyYaCn9fm8YjnAcCgG3A4L1Gr4lux%2F8hgC0Lg0hvFPEwk8BfYONAY5Y9aOVRUB57x1zyeS5t7JYIMnEARJYYbXo6%2BZPVLrZ8ye%2B9q6KSTvhPgZnV61%2F3sDnBe%2FYuEaN6gcMDCjvGPpLopugd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40facf66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 4012-e2a4915e6272b31c.js Show response
book.hacktricks.xyz/_next/static/chunks/ 20 KB
8 KB 96ms
94ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/4012-e2a4915e6272b31c.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fff98ad61d96f71a9f7e209394fc556cc9e7ac67aada9e6289faab4acaa9266

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1745707fc204222741ccaba513b047c4"
age: 69073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrCuzVNNrrsT9Mz%2BN%2FflV5cM7%2BmNBkIKZQ1mBteI73C6Vc38kDRuh3YOvlLdkIJbWdcXU6349B7zT3ZkcFHM4WHSdTnnC6b9EVoZuniFM5qDiqEUJIoZSNkL5cA555jiwIL8K0vuNimm%2BdzBi3lz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fad066db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 layout-512d7fc9258aa558.js Show response
book.hacktricks.xyz/_next/static/chunks/app/(site)/ 193 B
726 B 171ms
169ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/app/(site)/layout-512d7fc9258aa558.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a9acd24a1ae7800eb6b46e160a1a5201edc54cc00307f20f5eda70b4218e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"be97a1ec45da1bf22e06c31e3addad8a"
age: 2056424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpYKujweqZATxz7PGahA90TeArYjZG0wqlcDYNRbDfEIbPO6jIcFg1aplFT2uiVPaNUYVlH3uVaOFBHCzMqyxGCyWijwRrb9nVqr8mSljBJ%2FeJB0nWiv%2FJTHEowt4qo%2Bw75xjDUtKIEmPGX22w3o"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fad266db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 error-211ad2924b043f7d.js Show response
book.hacktricks.xyz/_next/static/chunks/app/(site)/ 4 KB
2 KB 246ms
244ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/app/(site)/error-211ad2924b043f7d.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76f9a4c4a0f0510a1241d047d2896d534124d341b8bff27d9321477b7d8ff258

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"525f920f3c940bdf380a008ec22689a7"
age: 69073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s0jYo4WXzpHxfM3Q0M4RxTzFFSKlZUupiYkyjW1L1cTxXdaLxxgNvUdHQE%2Bh3fgZDC%2FPEkLtj%2B7fnZofSQ0cjQ67O6ivXYnF%2BcnoWGOGnKsdQi%2FvVPjnYaqzBHlLEiOj%2BZJvWpqT4quJAFVFczke"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fad566db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 9505-a8f112b566ef7f41.js Show response
book.hacktricks.xyz/_next/static/chunks/ 306 KB
87 KB 78ms
76ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/9505-a8f112b566ef7f41.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d065db3bd8ef83a4536ae49b3b2a45d9cc835d3c6dca0ba10941bd4cb6d58ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8ce6b1ca16e88dc00273a112d2fb9058"
age: 1452198
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yc0zgaCdG6vIM%2B%2BVuQM5YlcLl%2FAgaz3cwbn2wYHWofZ6lFSO%2BHNnJZMmJzYuNmt3XRbWe%2Btk7LwqlIyi31L27JAhGEpH4ii15x3TFjSLnQmvzVk7qjwrOlp8fz0bOl0O5gH6OBBQ3kBy77DA6MIF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fad766db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 4531-b39a0af8c700f9ea.js Show response
book.hacktricks.xyz/_next/static/chunks/ 108 KB
36 KB 225ms
223ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/4531-b39a0af8c700f9ea.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78743bdfad4163c8559ee4f06d646adf79b77eadace2acdfed42c438aedeaf8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"fbcba563f1ea1c357dc0bb603e862c5a"
age: 825423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KXpP4geK2G0Cc%2FHIKeLYbh3V1uFo4ANM3d3POqLoitsZaroctUyoxB35V25HRMn29IBsh9HwHWdUnkQXMVUBI1hA9BsxfvTJX%2BTeHCpDCGuSZ78piWPL1oLw%2BU9qyXYZOxKxh%2B%2FWSzigyJzwISSG"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fad866db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 4746-fcf448a964a3d7bb.js Show response
book.hacktricks.xyz/_next/static/chunks/ 27 KB
11 KB 229ms
227ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/4746-fcf448a964a3d7bb.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe09d72189c330176d84cdb3f3d6cdd472d04a4fa50b7a1d11e513dbaabd30c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6b9c684fd54c89175d5a9744433ae71c"
age: 825423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3bGQbam7EeJql1SSFaqEf2HTBk3PuDurqds019b2GomKwCGYRcocYrJg5%2F8jlBCL3CCQRVUk2L5nJzOOug%2FlU1N4YEkfkXQSKh%2B0rgafyfH0mGV%2FaVlGedzZbqyG1pnZXEqXV70GtC6%2FLj9ob06"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fada66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 1285-7b9a0a181f22b7ba.js Show response
book.hacktricks.xyz/_next/static/chunks/ 28 KB
11 KB 229ms
227ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/1285-7b9a0a181f22b7ba.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b59964a7a83ecf1245ab6335e27b9ae9ad14909d8a5149c5be5783f2ba108d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"ee5fa1c04881c91f3acd34d590cc1f9b"
age: 69073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PQk1K7Es7jHRxaWJtHHichfNhE5lHmCBqRyezsPrusD5OWnT6jqzXmBfA0lTku8xDkf2MmZU0yMiKCbpcG1rO%2FPKjumRn8iLDyPgS6TjUGs18phHe4TP5TqFsbamxz3Y7k%2FsmT4ozA0MH%2B%2Fb7Oz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fadd66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 3902-19c217a299034164.js Show response
book.hacktricks.xyz/_next/static/chunks/ 4 KB
2 KB 137ms
135ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/3902-19c217a299034164.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3f6b54c642d999cce1a7eec61cd152e354f992deefaa208a1d04a064c402456

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"86471c0b68f57dc3fc90348ec0822d49"
age: 4213405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9uuz4QRLLcEUqxCCsmX8M%2Bt704yj0UwAQUaTbjqy%2BPRqjfhcrqNgZzxgaMFCFj3HJ%2FGXnTZ4Yc%2F%2F5D4hKV8aPn9Wc0Dia5UvvXGKnAOJ4Ub3Y37n95DAUQNZREq289DyX9Ao6osrYnX4iDzMrVtg"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fadf66db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 layout-fd3a9c9d5877f0e7.js Show response
book.hacktricks.xyz/_next/static/chunks/app/(site)/(content)/ 31 KB
10 KB 228ms
227ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/app/(site)/(content)/layout-fd3a9c9d5877f0e7.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99d67773ac3e03b3959e2b8d18d6e68c4515209b0339bde61820362ae05c2976

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"868ef4993b159e38fdf0e4ca2d89802d"
age: 162541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W07qsa5Kd%2FRSDHRbcfLACY6E3erMhu49OhvvQcM7NmP9J0gJO5%2Fy7mp2eelnS4axrin01D1G21vyuPD6TWaxLC7hldapaDQgPYFfUY1XZZ782db5kt3XiayXh6xWAzb%2F0VFdBGBTCCLkKlxBG4oI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fae166db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 script.js Show response
integrations.gitbook.com/v1/integrations/googleanalytics/installations/759312918e94de4ec174288e6a746823da52987e5a982d76677af254f47fc9cd/sites/site_ysCdm/ 2 KB
1 KB 96ms
73ms Script
application/javascript 172.64.146.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://integrations.gitbook.com/v1/integrations/googleanalytics/installations/759312918e94de4ec174288e6a746823da52987e5a982d76677af254f47fc9cd/sites/site_ysCdm/script.js?version=149.0
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.167 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa10632845c92b62da88cdd77d4cc5513dbf810f551bafa6363f56bc2912147c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"925-fFcVnPb6C4wkuH+2imfjPRCFvDc"
age: 75348
alt-svc: h3=":443"; ma=86400
x-cache: HIT
x-release: gitbook-x-prod-10.9.987-318c7c93cae34891626c033d1c91ddd9f91b2fed-12178430220
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cloud-trace-context: 995147119b3a59a0392d120d640ea7d7
priority: u=3,i=?0
server-timing: cfExtPri
cache-control: max-age=604800
access-control-allow-credentials: true
x-magic-hash: f0225ec3bd13b241e7c7abff809784bed27a3770d485cb94b4ede31b40fc1b19
via: magic cache
cf-ray: 8edadc411ab30b83-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 993
function-execution-id: 29h6ptuj2t2a
server: cloudflare

GET
H3 200 6150-57a79db9099e4be8.js Show response
book.hacktricks.xyz/_next/static/chunks/ 20 KB
8 KB 76ms
74ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/6150-57a79db9099e4be8.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dceef739a3784e7d962af1e9fa3eab86ba71473ef68044f395f456ea6b24587c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1417c67d3052c449db9274076dd5ed11"
age: 868616
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5MJWkkJVBnZWl72AJpmo9Z4es8k7ZbT%2F5rMWCK9raiRYTBzzpNIrtgCo9Nkp1s5lLCjm2Y77zptDevgitgMgsDYygNIdrNE8XynBspjohPZw1lfJzCUkWaYxxNDZaeU1H%2FKJCMza%2FblQUDfui4I"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fae366db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 8510-2f41b25832a6d317.js Show response
book.hacktricks.xyz/_next/static/chunks/ 39 KB
14 KB 241ms
240ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/8510-2f41b25832a6d317.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97c7c5fb089f6dd442b91e0a25ab029dfd7e993f1021f3ec54e79e95a0326f26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"e5fc05f199425e4357e9902907f3c87d"
age: 701622
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbuWDENYqMF1bmid%2BxEQwHVNJa1QGztfyIWR%2Bw4VLv8jbA4lA%2B2CXMH78XM%2FUK5f08ynWuuZTOyhJEsfow3DkF24yvXMt%2Bss1EheCqv1hgTmAr6%2FrZnJJT03P49cD%2FTfp%2FiWrS6MwZqxjfVynU%2FZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fae566db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 8325-5bb891172c79071a.js Show response
book.hacktricks.xyz/_next/static/chunks/ 10 KB
5 KB 231ms
230ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/8325-5bb891172c79071a.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd05e627badab4af4271fb8ff949734a47c02d1321c30f30fab3a4d2eacaac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"9d418a3d2d694933f8f7d249522ef8dc"
age: 576443
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqB2O%2FZBnhiBCslO30SBCLGTD96Apw0%2B283idDtxS6QOJoaNbR32z2KeekanbLLIT0wSGJ8h3xrE%2B0KxIIvFOxdx076oALUwOT1YhH%2Fl91%2B47bnGhXgb4FySVtUYmVnM2UUuuyRDoB5uxiDQzKzd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fae766db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 9028-bdf215f649fe02e9.js Show response
book.hacktricks.xyz/_next/static/chunks/ 15 KB
6 KB 241ms
240ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/9028-bdf215f649fe02e9.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2a968d506fbf01e8f273c31d00d8e17d77dda4d1c9c089baa4a049eb9313b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"4295b05806c87d40ffb90eff3c23cc56"
age: 71653
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzpyrzz2jy3uD%2FwMlmA3xIvzsggxTb90wdEZ8ZHSaMJ2rUatyQK4x%2FtS7u4w2CqY%2B5nDIcw2SAyOao266DiaOtMkpDzPGRTZQvyLJ8qataGPGM6WieB0DwvHU9gEhFwoQGIO3mR8bLZVp5KVWvdR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fae866db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 page-bb35daef9f1179e4.js Show response
book.hacktricks.xyz/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/ 12 KB
5 KB 169ms
168ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/page-bb35daef9f1179e4.js

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bac769c6de32173f6e139e86e584f930988552bb802820e3630704ef90531f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"82bb3675874a1085f273988c25762c75"
age: 576443
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sFo6TPY0Xk5%2FelWePztkdMaiQ708WROnZ554xENBXFRV5lhxhgcx1DBaoEFtrnLMU6n2Y1f4SrKBFc1MLbM7ypFip7XqWOOdproa6L73cZr1PkHw0g7geqRrfmN3sXY1M%2B3rwW8TEc3OO9hHdbdK"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc40fae966db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H2 200 embed.js Show response
cdn.iframe.ly/ 24 KB
8 KB 79ms
23ms Script
application/javascript 2600:9000:2490:7200:e:e47a:54c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/embed.js
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:7200:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e8b19acc79b2357936ef1381c0ea3d34a38c8b73d096da65272b8be1ed41043

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-amz-cf-id: 0X05Fl4_glWK0xxIJXsOlWhbH_lk-rXZ-CkbmpjKgOad5YU-OLWtWw==
cache-control: public, max-age=86400
content-encoding: br
etag: W/"656de555-6060"
age: 9846
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Fri, 06 Dec 2024 05:36:58 GMT
content-type: application/javascript
last-modified: Mon, 04 Dec 2023 14:42:29 GMT
server: nginx
x-amz-cf-pop: FRA56-P6
vary: Accept-Encoding

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 1 KB
2 KB 213ms
213ms Image
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FwdlXOpyZOVGNzyhOiiFK%252Fimage%2520%281%29.png%3Falt%3Dmedia%26token%3D13f4d279-7d3f-47ce-a68e-35f9a906973f&width=768&dpr=1&quality=100&sign=32a4c5e2&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a22d9b568818486c76a86eb06afa45f9b6ef5ec53b047f95bee47dfe38ac80a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cf0KPoPyFDrOE0p4sj4CEJDdLsK-ChRTP4It8jXA90DQ:ffaff40eb704164365df385d53b85081"
age: 256993
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/h q=0 n=31+247 c=0+247 v=2024.10.6 l=1372 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWnPZKS1GMthPkuJ5qP6ngoE%2B%2FKtJhAFhlJPf%2BBG0ZF4hHmWHJDNKaXY9YJedbAxyWISSZ7s3Zf5pqCg6GTi17yhoGhXniKKIl7DVXdC4sAMqFilTp1h0FBwGyQZjXiCXKA%2FhPRx9xuptIyAVMbd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "original is 18507B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/png
last-modified: Mon, 23 May 2022 23:54:15 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=4,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b1d66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1372
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 73 KB
74 KB 215ms
215ms Image
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FkFwiFfVFKtlODBYwQ3E9%252Fimage.png%3Falt%3Dmedia%26token%3D578595d0-b468-4540-94b2-ebd719dd1707&width=768&dpr=1&quality=100&sign=1ea30ee3&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df1c7756b4ff30be65e0e3caa88ed6e493c968cb051d9ef932384814fb9eac90

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfIaefk9EzBfM_ELS6n_Ubvmm9K-ChRTP4It8jXA90DQ:8c169ff2834489ca7331421ac45a0bcc"
age: 146775
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/h q=0 n=81+156 c=0+0 v=2024.10.6 l=74530 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LrIRbGsTRhTG4l%2F17zRyjy0PqR%2BIFRkp8ZojmONLa2aD6KZvv1agrZ1eHwMHh2M7xSf219qUxlxKM2OqFLd1GDQQnSojvzn6%2BV8W8t04vwDY53M8cJpx5pymqE0jSTs52gsflFGUjXwFncb6i7CZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "original is 18785B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/png
last-modified: Sun, 11 Dec 2022 17:55:00 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=5,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b2166db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 74530
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 140 KB
140 KB 194ms
194ms Image
image/avif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FdMdbB38KOW7LLfsck5D1%252Fimage.png%3Falt%3Dmedia%26token%3D09a37f36-0865-49b8-ab36-61f45a145f3d&width=768&dpr=1&quality=100&sign=a94de624&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7109859cb84e381156d50c08fe6e7c149925a0c940b9e7b98b77947e8dc8c2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfFX7_dG5swhLMzUHkjYUeQWu2K-ChRTP4It8jXA90DQ:3b3ff7025b5ab3c33fbabc8b280f6772"
age: 146775
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=36+252 c=0+0 v=2024.10.6 l=142950 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0wamU16Lps1ZjBDIS8IRwpCgqKp50TD4nng3DdwiTQbQsBoHFPm0GL2McWBB37hctIYbN1Ewoq9CgtoAk%2FBAKUzjWDcyGmTA42KR1ddamqbpwLdMf5fkP1MKKgSAt%2B75eoCzZJ896IG6wTtc4iVq"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/avif
last-modified: Sun, 11 Dec 2022 17:55:22 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b2366db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 142950
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 386 KB
387 KB 132ms
132ms Image
image/avif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FVayPWsIk70sFM9PNboGc%252Fimage.png%3Falt%3Dmedia%26token%3D89185e70-e11b-4a0d-8e74-ae06d368fc2e&width=768&dpr=1&quality=100&sign=6dd1d347&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47136260041fbb099dcaddd4db334aa18c41b42eadd44233eba8707e71c119b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfftxjQ5JzUpK8Oh0vkuns02BXK-ChRTP4It8jXA90DQ:f7e017362ac050b435fd6ffc986c224c"
age: 196
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=59+691 c=0+0 v=2024.10.6 l=395232 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bicV%2Futd8QcxWVhKQboemnPcm0C9ob1cAz6Z0%2FYQHcR%2FlkAnf7Qh8pZ8eCP5UbFfgHyG8BiRym3Tw9lWKkOLOMWxekAw447IUTvl%2FM94mfRBu1A0T3CGKf4qTceWbaW9qwaTWN3n6LYFnLLbTD2A"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/avif
last-modified: Sun, 11 Dec 2022 17:56:09 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b2666db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 395232
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 200 KB
201 KB 160ms
159ms Image
image/gif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252F751CmVqrSKBBMyvSpoAf%252Fsharpdllproxy.gif%3Falt%3Dmedia%26token%3D027e90ff-03b3-4c73-820b-02903cc91bbb&width=768&dpr=1&quality=100&sign=cbbfe0fd&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7b507f13227fba37ac18b882ec236ffea81357e410089486eb370f145249ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cf4yC-aNtMLwR0tcfdFy1JWSF9K-ChRTP4It8jXA90DQ:17ccfa8f1bd3a6416a9a3b3aeb741174"
age: 146775
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=54+316 c=0+0 v=2024.10.6 l=204843 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8TQRiZkmLwMG88AZZuWcWVyopWONZ0h7OnivUHkE2m1Nd9hm0ViCTeyJex6UCoFaTV0c8U0sqVuqZu8IiwSXMA%2FlF2XJKPEZMskA6Vk88sGi3xcBw%2FbLu4g4%2BKj%2B943guka5uRkVVkUEXT6DFGj"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "AVIF anim not supported", cf-images 299 "animation too big for WebP"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/gif
last-modified: Sun, 11 Dec 2022 21:24:53 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b2866db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 204843
server: cloudflare

GET
H3

200

spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FXywFIidnKNlXurK0JkTw%2Fdll_sideloading_demo.gif
129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/
Redirect Chain

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FXyw...
https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FXywFIidnKNlXurK0JkTw%2Fdll_sideloading_demo.gif?alt=media&token=51f829f3-2c76-...

629 KB
630 KB

53ms
53ms

Image
image/gif

172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FXywFIidnKNlXurK0JkTw%2Fdll_sideloading_demo.gif?alt=media&token=51f829f3-2c76-48ff-baa0-8e9cda28d7e2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

fa5ee8e029db3a55be6a13d3d3178d8f6d9d15a400db3a88a6d3db518d622902

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-goog-hash: crc32c=1xEjyg==, md5=Zm9IRqZxtYHTOUNaoR+dPg==
cf-cache-status: HIT
etag: "666f4846a671b581d339435aa11f9d3e"
age: 241337
x-content-type-options: nosniff
x-goog-meta-height: 582
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-type: image/gif
content-disposition: inline; filename*=utf-8''dll_sideloading_demo.gif
last-modified: Sun, 11 Dec 2022 21:25:33 GMT
x-guploader-uploadid: AFiumC6vgvcsKLQE69Hzn3rHZR_wHGolSicTyC6Hh1UfvJLTNGpJWZP4mDCyonix0RNgEuXHHNc8xCWhEA
priority: u=3,i
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
x-goog-generation: 1670793933231881
content-length: 644339
x-powered-by: GitBook
server: cloudflare
x-goog-metageneration: 1
cf-bgj: imgq:100,h2pri
x-goog-stored-content-encoding: identity
expires: Tue, 03 Dec 2024 14:18:47 GMT
cf-polished: origSize=767415, status=cannot_optimize
x-goog-stored-content-length: 767415
date: Fri, 06 Dec 2024 08:21:05 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: 51f829f3-2c76-48ff-baa0-8e9cda28d7e2
x-goog-meta-width: 1787
cf-ray: 8edadc43c990f5ef-AMS
access-control-allow-origin: *

Redirect headers

x-gitbook-cache: skip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FXywFIidnKNlXurK0JkTw%2Fdll_sideloading_demo.gif?alt=media&token=51f829f3-2c76-48ff-baa0-8e9cda28d7e2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zm7BR09MYvuLaz2QTcDltVCa338F4XSkkW%2FYx%2BbF4QVr2hAOdkBVIeUNpejNmbK%2BpRkSZO28kte5PjXAi8XTczE8kY9oXxnqlfhB5ZAsighM3HtfRift7H2c3%2BamT2AWVJXmZRoaUWi7jZRnS1s"}],"group":"cf-nel","max_age":604800}
cf-ray: 8edadc412b2a66db-AMS
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Fri, 06 Dec 2024 08:21:05 GMT
cf-placement: remote-SJC
vary: Accept-Encoding
server: cloudflare
priority: u=3,i

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 349 KB
350 KB 110ms
109ms Image
image/avif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FzZb1HvWlE8tjApo7Dqur%252Fimage.png%3Falt%3Dmedia%26token%3Df2dba7a9-bc81-40df-8bf5-ded1be286384&width=768&dpr=1&quality=100&sign=b31b7d7d&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36c0c98c92da8c3ea588630c4c4b2187a2778ca560210bedda966d10c11ed383

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfpqKri4oEgKA_xdV1MNI7mdqlK-ChRTP4It8jXA90DQ:934c19e6395d9c30916a37ccaf2d559e"
age: 146774
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=45+193 c=0+0 v=2024.10.6 l=357808 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0qiDwAExg2Xc5eXgTwpUX9b0Wzov99smS2NX3nJSTUfLOvBS6Uvyw7i5MJlcLDN%2F40aPGZTUCqWonIciTUzeLl2E8aCjXpr2ubWGERxwtEqlEEr0a0WJ0WtEF7ZtAjeNi0VK7%2BKzajbpcm1HExa"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/avif
last-modified: Sun, 11 Dec 2022 19:20:13 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b2b66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 357808
server: cloudflare

GET
H3

200

spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FogNqFSNmZ066yHq7hgvQ%2Ffreeze_demo_hacktricks.gif
129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/
Redirect Chain

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FogN...
https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FogNqFSNmZ066yHq7hgvQ%2Ffreeze_demo_hacktricks.gif?alt=media&token=14182ec0-ed8...

674 KB
675 KB

71ms
50ms

Image
image/gif

172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FogNqFSNmZ066yHq7hgvQ%2Ffreeze_demo_hacktricks.gif?alt=media&token=14182ec0-ed87-4541-ad23-3f71d7f821f3

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

11aec833519062b2fc6b34b0ead7a12010703a1b922750b21e231d3e51c815da

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-goog-hash: crc32c=XU2GiQ==, md5=d9Xh2PV9Cpdx8FIgfeZqMw==
cf-cache-status: HIT
etag: "77d5e1d8f57d0a9771f052207de66a33"
age: 37178
x-content-type-options: nosniff
x-goog-meta-height: 600
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-type: image/gif
content-disposition: inline; filename*=utf-8''freeze_demo_hacktricks.gif
last-modified: Sun, 11 Dec 2022 21:26:01 GMT
x-guploader-uploadid: AFiumC4Er5KP_YGEaezo6nyAcJY7RkanUwAKDe8D0VxfvsroFuIkTTdoJVawvBPkpmEzxBgmY_A
priority: u=3,i
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
x-goog-generation: 1670793961686376
content-length: 690217
x-powered-by: GitBook
server: cloudflare
x-goog-metageneration: 1
cf-bgj: imgq:100,h2pri
x-goog-stored-content-encoding: identity
expires: Tue, 26 Nov 2024 14:37:01 GMT
cf-polished: origSize=818949, status=cannot_optimize
x-goog-stored-content-length: 818949
date: Fri, 06 Dec 2024 08:21:05 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: 14182ec0-ed87-4541-ad23-3f71d7f821f3
x-goog-meta-width: 1920
cf-ray: 8edadc43a918f5ef-AMS
access-control-allow-origin: *

Redirect headers

x-gitbook-cache: skip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FogNqFSNmZ066yHq7hgvQ%2Ffreeze_demo_hacktricks.gif?alt=media&token=14182ec0-ed87-4541-ad23-3f71d7f821f3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xdH00%2FGXLjTcBhH%2B1O1lR68%2BspryrbmUkAiLemejxUqK9snHU%2FxhJRms1czSH4eGAfrUwHUCRZUlcWuUGwoWi7N2aFJHR7ScUykMiLSzQwfoGM%2FVA8vrwU%2FO0evQm6rhYTcxw2U3a2Qr8%2BTXLmpr"}],"group":"cf-nel","max_age":604800}
cf-ray: 8edadc412b2f66db-AMS
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Fri, 06 Dec 2024 08:21:05 GMT
cf-placement: remote-SJC
vary: Accept-Encoding
server: cloudflare
priority: u=3,i

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 11 KB
12 KB 215ms
214ms Image
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FVYdikIZXv3P8p44tDo7h%252Fimage.png%3Falt%3Dmedia%26token%3D79a2f843-3963-43f4-adb3-19d3d130926c&width=768&dpr=1&quality=100&sign=846d88dc&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a452edfbaae7af03314d10ec9f219554840b9f0ee3a1d1199feaaaaeb9e05d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cft6he1MoJqLjKndHENE0pMRP5K-ChRTP4It8jXA90DQ:a544ab99c5bb6808bde34863a17c60bb"
age: 146775
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/h q=0 n=43+436 c=0+133 v=2024.10.6 l=11351 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEL%2FXrZvAmFtr1zMWmHTlKM3Eek2X2fHndjHrj%2BKvfZ3JJVt%2BBfOFD9K5SLkORBF7J%2FFiO3hfb58kzBQjivsmjqOJp8oPN1OmDmdoog4DqMhYapkaraUK7almb%2FlUrBqwzKYWZP%2BCPtm57JcKgTm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "original is 43342B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/png
last-modified: Sun, 11 Dec 2022 19:21:17 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=5,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b3066db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11351
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 14 KB
15 KB 213ms
212ms Image
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FwGQ0N379Mk0WmTohZJbg%252Fimage.png%3Falt%3Dmedia%26token%3D93be237a-0391-48a9-8f80-7b717673fc9d&width=768&dpr=1&quality=100&sign=e8b9b87d&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5978d7f99b9781c89855ea6d0d1ed9125ebf74b774010f8f6b35c1950340cca9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfoFcuBgB49GYMZ8RSrBj-BsX7K-ChRTP4It8jXA90DQ:f0324f26819b1c0604a3cb1d43fd2fde"
age: 196
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/h q=0 n=85+166 c=0+0 v=2024.10.6 l=14805 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDcHf32nDN7rGTG%2BqBGGzXSnkODGY%2BC70tuwxKyzii5ZahutuS5w8%2BScr1bDjQRUiS4ZO3qnn6QsgpL0uRo37K4tEE3DxMV26oO6iBxfL7I3wge4MtPCLAFtKXFG8PO7oxdCrq5Gb%2FYbTFBFY5Yr"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "original is 69821B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/png
last-modified: Sun, 11 Dec 2022 19:22:10 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=5,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b3266db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14805
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 7 KB
8 KB 192ms
191ms Image
image/webp 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FBC3G77H12WuxxGmJCRT1%252Fimage.png%3Falt%3Dmedia%26token%3Df40a24d7-9b49-4da4-9a2e-22813dcc5fc8&width=768&dpr=1&quality=100&sign=24658ae&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc5bbba6615e2892bbdbd13779a429f79e5abc580494a9a721f42d8aa6fab8f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfDDsr5YJy6Gs5LDvURAIBafVo--CcXmoXJ4cITo8VDQ:c0376c06750720b9f5445d4162911a71"
age: 46
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=37+15 c=0+15 v=2024.10.6 l=7134 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IhA8lITyxYm0bYVNtBq73dv%2FKf5Xx5%2BDtnLaIjj5LkKa%2FMTIqOoSem1hWIkzlhWNOG2WxazufAHerEinFLSgbPhN7zZP1s9KbIJvr%2FE1jHUfkvJ2Ck9yAtcET8D8loOA4%2BWOCrQXthpmS%2B1l2C3u"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/webp
last-modified: Sun, 11 Dec 2022 19:22:36 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b3466db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7134
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 192 KB
192 KB 217ms
216ms Image
image/avif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252Fg0O4mQMWjEeb6TdWT1Cz%252Fimage.png%3Falt%3Dmedia%26token%3Dc0878b83-780b-4488-a39b-e9f51a4f15bb&width=768&dpr=1&quality=100&sign=73788143&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b1730ee8253dc36e7c84049dcaadcb9726e812b0fcac3a2e10076ccf841930

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfjLtzs6UauNTuNzUvd50pV4lGK-ChRTP4It8jXA90DQ:984f46f16a103282066b46fe8363e36d"
age: 146774
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=33+262 c=0+0 v=2024.10.6 l=196265 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alBSvMryZE9ZR2P0ntXvuPpn2JKMlhC863yrLix03v%2FVbsIRfMJ7TtKQEa8AnmW5NAEqUkM3xkSuaxujfiR0g2qf36gPDwmuq0sHHfczddeHrEmOupezD2WK73brEXpchu8z46xItKQGEHAyvqzT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/avif
last-modified: Sun, 11 Dec 2022 19:23:02 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b3666db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 196265
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 1014 KB
1015 KB 140ms
140ms Image
image/gif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252Fcg011KP3DzciaxqY0UWE%252Fpackmypayload_demo.gif%3Falt%3Dmedia%26token%3Dbf2601c5-3cd3-4ca4-b2df-5f6c5df4cd88&width=768&dpr=1&quality=100&sign=18c99a39&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fd85634af321096efb353874247868a2338c72707a1cdb41b687c8ac96ecb5e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfpuI84aDzE9WOIQdt-B7LwxoKK-ChRTP4It8jXA90DQ:29e9384e090f37630378f3489c542943"
age: 146774
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/h q=0 n=63+95 c=0+0 v=2024.10.6 l=1038560 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPnqtArqA57bYkWn8Tu%2BzV7bx0xQtLs8ZPizWKID2ByWTb9TCSHygpzEIccPjpXImr9n%2FuBeyldKlfU9A9IzWCaoe2k6buIF%2BVwwxg82ZuCLc2%2Bc8TCwt9VF9nvGRN8KNU%2FdOLm73nPJUppxuLhd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "animation too large, passing through unchanged"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/gif
last-modified: Sun, 11 Dec 2022 21:26:41 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b3966db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1038560
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 64 KB
64 KB 214ms
213ms Image
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FzgVmtNlb3gTAJ70bZj43%252Fimage.png%3Falt%3Dmedia%26token%3Da2062c69-d865-4a28-93af-ff0ef2e3b82e&width=768&dpr=1&quality=100&sign=2c5fbcb7&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0616b099a8212f4784f1e8fc76d8044c829bcd130c0cfe52dbff32078b4476

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfeLUqKUBgs2XWlp6jLszwtHD3K-ChRTP4It8jXA90DQ:b1632b7a655afd16f7e6c19eb2f4f25c"
age: 146775
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/h q=0 n=68+706 c=1+635 v=2024.10.6 l=65255 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byBewCiRcYv%2FQUcQ6O%2F%2BYf2QCaY0vC7T58IG68EeLdnyC3MhVd28n%2BD%2BS2UCqUIRpMwK6nBGUBYfg7k5f42H1AJ0TlSlWYAxJsYI8AmEtA8p34Hn5nM0tpUKv%2FpXDcSmzWiLeA8%2FbRAtE%2F5vRIPz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "original is 205729B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/png
last-modified: Sun, 11 Dec 2022 19:24:00 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=5,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b3a66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65255
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 216 KB
217 KB 204ms
204ms Image
image/avif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FW3eVOL29waBKmCNp3cs7%252Fimage.png%3Falt%3Dmedia%26token%3D0c176b92-ad78-4e23-acd7-712a219b6211&width=768&dpr=1&quality=100&sign=96a2b70&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d561cf7653209af40270c123455e36d3ff8d41dbec150e10e01f11b61efba02

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfvC_nqrqh40h-AMMF9-qwnSPjK-ChRTP4It8jXA90DQ:de9d46c6388b2ac0dbe1acc73d50d8f2"
age: 196
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=43+185 c=0+0 v=2024.10.6 l=221213 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1plVULKYLsNhhpXaXJVlOAr%2BnPVEa8H0mFEfvR7ls3%2FlLnAhY4nhwpNMj8ow5R87bDJhfMr1r%2FgaNsVcQ%2FsVFvYoNYagxswCF0faO0HXiAi%2ByPBBiS47V5KLM9u5RzDxtYCow63FXhy%2Fb6iJNr%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/avif
last-modified: Sun, 11 Dec 2022 19:24:23 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b3b66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 221213
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 3 KB
3 KB 132ms
131ms Image
image/avif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252Fgit-blob-ce8af1068db7be4ad9003f8ddb02fea8f943f1a4%252Farte.png%3Falt%3Dmedia&width=40&dpr=1&quality=100&sign=b69737ad&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffb6addbbce17fdb50e13ace30f5ce756e5ca32b4ca911e354b83ef8dcb67822

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfTvQdEGkqUyZ7reSJBK_GjSirnidDwyl9XcN7XALJDQ:91ae5ec34b7bf741255ee7080b7c4368"
age: 40324
cf-bgj: imgq:100,h2pri
cf-resized: internal=ram/m q=0 n=0+0 c=0+0 v=2024.6.0 l=2637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fd4Xp%2F2AqMVWtnk0ZZ4CkskIX9Q1NLWYDLgH%2BcaVLFUd%2FVrDa5wXFA1nrTNUHxsKHYNOgywUoTJO%2Fgv0U6tuWYjjq9HpYbaE6b3g2b493lrinwAIXrgR%2BZAA%2F4ayjxOqa%2FpbvjG71TaMF8F8W2KI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/avif
last-modified: Thu, 18 Jul 2024 16:15:36 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b3d66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2637
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 3 KB
4 KB 132ms
132ms Image
image/avif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252Fgit-blob-54ee1fb931f39d1e6f50150361b6aa1927f4ee88%252Fgrte.png%3Falt%3Dmedia&width=40&dpr=1&quality=100&sign=6aebe399&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7ecb43092c85e10d94eaca25de564ee3e8331bd93f194df338b680df1d2ab84

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfB5qlY1h1_cXZSBMjWgEP6iLNnidDwyl9XcN7XALJDQ:6fe8649693222b22819a1e430fdcf581"
age: 40324
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=43+51 c=36+15 v=2024.10.6 l=2895 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FmiDLxFwGQ50TgU%2FNnot6%2FOb0gZxtt8s8kxpgu4bQfFDZ3RDxVzmanhlbrw8YbNVx%2B85XOxo%2BbHSOq2lRfRNkXHuaTAzXosDjwdeaA%2F23CJ5X9TCR7yeQ%2FYWL0wpNqmWZIVVL8BqKraNb35OtI5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: image/avif
last-modified: Thu, 18 Jul 2024 16:15:37 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc412b3e66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2895
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 326 KB
109 KB 95ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-45K19GNPSL

Requested by

Host: integrations.gitbook.com
URL: https://integrations.gitbook.com/v1/integrations/googleanalytics/installations/759312918e94de4ec174288e6a746823da52987e5a982d76677af254f47fc9cd/sites/site_ysCdm/script.js?version=149.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9a14f3404b97c1a63d8bd4e76194b51a6f85bc5c4319ba2631ebe5839f2fcc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 06 Dec 2024 08:21:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 08:21:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110430
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 6vtHQHG
cdn.iframe.ly/ Frame 9BA3 0
0 82ms
21ms Document
text/html 2600:9000:2490:ce00:e:e47a:54c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/6vtHQHG
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ce00:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / iframe.ly
Resource Hash

Request headers

Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1879
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 07:49:46 GMT
etag: W/"a4ceb7cff87440debce01723ff3f495c"
expires: Fri, 06 Dec 2024 08:49:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id: kHCjd80w83vJkIzHBXK1xf4CNkBiYnPTY4WtX8SFYGe6EzAYPzieLQ==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-powered-by: iframe.ly

GET
H2 200 4vQfee1
cdn.iframe.ly/ Frame 5BF3 0
0 83ms
23ms Document
text/html 2600:9000:2490:ce00:e:e47a:54c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/4vQfee1
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ce00:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / iframe.ly
Resource Hash

Request headers

Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1879
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 07:49:46 GMT
etag: W/"672d8f1359d487233d45f3873a4bb853"
expires: Fri, 06 Dec 2024 08:49:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id: T5Q1p4VlF_0oC6aVnSEmcfndflLK-h8XGQfBxrW7Ffft2FTn7Qmzxg==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-powered-by: iframe.ly

GET
H2 200 21WBdCD
cdn.iframe.ly/ Frame 4847 0
0 81ms
22ms Document
text/html 2600:9000:2490:ce00:e:e47a:54c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/21WBdCD?app=1
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ce00:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / iframe.ly
Resource Hash

Request headers

Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1879
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 07:49:46 GMT
etag: W/"4251fcd69bfc95d9f4d3139ba73c9a2c"
expires: Fri, 06 Dec 2024 08:49:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id: i5tCgH9_HKxaBh0VpzxnLAhA5YTXjB512MpcDg6dZBlsRIItUXlaYw==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-powered-by: iframe.ly

GET
H3 200 a34f9d1faa5f3315-s.woff2
book.hacktricks.xyz/_next/static/media/ 47 KB
48 KB 79ms
78ms Font
font/woff2 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/media/a34f9d1faa5f3315-s.woff2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/css/27629c7e89370ccb.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/_next/static/css/27629c7e89370ccb.css

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "d45b0dd4cb6ee6e590ede559bc68daa2"
age: 2728469
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oHjCi%2FX3RuxXz6eeWSpxYiIsZxPGRyGM9C1549osFQ66URt7JwCQJoklXdeJbX6xMVek3xiK4sAukRiNHVsEk%2BdTScxKSo1XtqT2h5OUYX7u5lbifabu7t%2BeDwrl1kWhCKoEGNnwXskKWM4xd0Yg"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: font/woff2
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc42acca66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48556
server: cloudflare

GET
H2 200 chevron-down.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 396 B
511 B 94ms
34ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/chevron-down.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e71c9e7a39ceb8762c63ded70c32e28964a2fe7d8e88ba85e99cf6b7e7714004

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1e1-18c"
age: 839332
cf-ray: 8edadc42bc95b96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:37 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 magnifying-glass.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 483 B
414 B 95ms
36ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/magnifying-glass.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf2a6a5f8c28ed6ebddf6fa704ad4f21d95c55a140c124b94dd4bf28b736a654

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1f6-1e3"
age: 704067
cf-ray: 8edadc42bc91b96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:58 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 chevron-right.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 394 B
337 B 99ms
40ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/chevron-right.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e745a051fade69ed0d6a92fe8f0437d646bafe59a91f3c6654b0c4295c1ed91f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1e1-18a"
age: 107185
cf-ray: 8edadc42bc93b96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:37 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 arrow-up-right-from-square.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 695 B
478 B 92ms
36ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/arrow-up-right-from-square.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d227ad1e206549bd4ff147c5fe8be3ae6a0a652d233a1dc9b4913c4a59a6e0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1d9-2b7"
age: 71428
cf-ray: 8edadc42bc97b96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:29 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H3 200 gitbook.svg
book.hacktricks.xyz/~gitbook/static/icons/svgs/custom-icons/ 1 KB
1 KB 70ms
69ms Image
image/svg+xml 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/static/icons/svgs/custom-icons/gitbook.svg?v=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b5edbdd84e821da7830e59580a2581cfd2e2bfb01a197c3e9f919b7859fc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6a0e8c1b87703edb50c128db3b80b0c7"
age: 6278124
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkSEC7LhaQGTDlOEzmrSkFuaqFSw%2F4IPfc4STi%2BCImpXEU2WlWRYGJ18niv3676YGu70Rb978H6iIn4MEYch3ndkOGakokJglGv4uJXyTyY7XTxxFilLZIN8RXGMr%2B3AwW0g9POu6k9l6%2Br0msuv"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc426c6566db-AMS
access-control-allow-origin: *
server: cloudflare

GET
H2 200 github.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/brands/ 2 KB
886 B 85ms
39ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/brands/github.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 358b232d84389a9e0080047ad102d76c30f57281adefe2f27ea2b61ee487dc72

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a0bb-610"
age: 6278124
cf-ray: 8edadc42bc96b96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:20:43 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 chevron-left.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 393 B
334 B 78ms
41ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/chevron-left.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab2a0562e22f0c92b3178ff3d9ca99c14646df6947a180f3e655305c7249f2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1e1-189"
age: 6278124
cf-ray: 8edadc42bc98b96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:37 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 sun-bright.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 1 KB
546 B 43ms
43ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/sun-bright.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c1fa2a8114d0a5856d0c0863f0b4fe58afefe99bba193f6fc238e935675058

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a20c-483"
age: 6278124
cf-ray: 8edadc42dcc0b96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:26:20 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 desktop.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 727 B
526 B 43ms
43ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/desktop.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d647cd376c51e1215768ef42fa04ea319b2526cef5067041fb5b132597d4f563

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1e7-2d7"
age: 842681
cf-ray: 8edadc42dcc2b96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:43 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 moon.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 921 B
646 B 51ms
51ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/moon.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e028b16aa55b30bda76da681b1a98df68d46bfb08be440f1a6e8e0bd113993

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1f9-399"
age: 2929533
cf-ray: 8edadc42dcc3b96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:26:01 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H3 200 79ec87d3cdff1fa5-s.woff2
book.hacktricks.xyz/_next/static/media/ 2 MB
2 MB 57ms
57ms Font
font/woff2 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/media/79ec87d3cdff1fa5-s.woff2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/css/d42d805b938873da.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9ace726a07c376e50d23fda2552280cc6ae95f391b1abc378fd00d38802f74c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/_next/static/css/d42d805b938873da.css

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "a7348788292604a044bf6c450e763370"
age: 110920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ghuSC5UDc7%2FlVYM7XMizfe3Mnz74Bcml6FITHzLDF0v84LSFTxGtotGR2wihN04L4SMWzo6JC7IiBo0g6nsX%2BBtm0D29mBW%2FDlbdEYlkAw0JwjxPtW5lrSVxUrleXN5nktyqgnRhM57X2f7j%2Fda9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: font/woff2
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc42acd066db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1666688
server: cloudflare

GET
H2 200 6vtHQHG
cdn.iframe.ly/ Frame DA25 0
0 1ms
1ms Document
text/html 2600:9000:2490:ce00:e:e47a:54c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/6vtHQHG
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ce00:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / iframe.ly
Resource Hash

Request headers

Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1879
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 07:49:46 GMT
etag: W/"a4ceb7cff87440debce01723ff3f495c"
expires: Fri, 06 Dec 2024 08:49:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id: kHCjd80w83vJkIzHBXK1xf4CNkBiYnPTY4WtX8SFYGe6EzAYPzieLQ==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-powered-by: iframe.ly

GET
H2 200 4vQfee1
cdn.iframe.ly/ Frame 7099 0
0 3ms
3ms Document
text/html 2600:9000:2490:ce00:e:e47a:54c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/4vQfee1
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ce00:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / iframe.ly
Resource Hash

Request headers

Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1879
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 07:49:46 GMT
etag: W/"672d8f1359d487233d45f3873a4bb853"
expires: Fri, 06 Dec 2024 08:49:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id: T5Q1p4VlF_0oC6aVnSEmcfndflLK-h8XGQfBxrW7Ffft2FTn7Qmzxg==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-powered-by: iframe.ly

GET
H2 200 21WBdCD
cdn.iframe.ly/ Frame 8FE4 0
0 5ms
5ms Document
text/html 2600:9000:2490:ce00:e:e47a:54c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/21WBdCD?app=1
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ce00:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / iframe.ly
Resource Hash

Request headers

Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1879
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 07:49:46 GMT
etag: W/"4251fcd69bfc95d9f4d3139ba73c9a2c"
expires: Fri, 06 Dec 2024 08:49:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id: i5tCgH9_HKxaBh0VpzxnLAhA5YTXjB512MpcDg6dZBlsRIItUXlaYw==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-powered-by: iframe.ly

GET
H2 200 circle-check.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 488 B
401 B 33ms
32ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/circle-check.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14438a8fb82a9e8288f05ab19d969a6fd09d43a382b942dd84aab9f6e5979189

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1e2-1e8"
age: 842768
cf-ray: 8edadc435d88b96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:38 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 hashtag.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 814 B
501 B 33ms
33ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/hashtag.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b053c1a8d1743d15e13597718631b7f7d8eb96c7d283d071fbdb8b37e5e05fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1f1-32e"
age: 1944947
cf-ray: 8edadc435d8bb96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:53 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 circle-info.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 559 B
395 B 33ms
32ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/circle-info.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e69b9bc3fe6c8f32aa595be25c5bbcd9b477f93031111faf20f97363cb13116

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1e2-22f"
age: 6278086
cf-ray: 8edadc435d8eb96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:38 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H3 200 3478b6abef19b3b3.woff2
book.hacktricks.xyz/_next/static/media/ 10 KB
10 KB 40ms
40ms Font
font/woff2 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/_next/static/media/3478b6abef19b3b3.woff2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/css/27629c7e89370ccb.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bc2a00d28ef824b977ed1c523138d821eaa4576447153e02de70aacb071147

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/_next/static/css/27629c7e89370ccb.css

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "4f52c61f8f0cad0e31eb3b44c3bf3d4e"
age: 2056353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5Fs4A2nnVGAHoAEZs85PSs%2F%2Beyak8jpPFs0rtLK5o%2F50MB9tQRKYSv%2FyxXhxF7R1Rcdg70OcjRIY3Im1en7eBQT0uffQeqS%2BQu2XvKDYEK0IsMR%2FfYsXgDMFE5WPZJEgy0GIAi4OD1hKjaUsmgC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: font/woff2
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8edadc438ebd66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10088
server: cloudflare

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 61ms
18ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-45K19GNPSL&gtm=45je4c40v9103541025za200&_p=1733473264881&_gaz=1&gcs=G111&gcd=13t3tPl2l5l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=934558745.1733473265&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733473265&sct=1&seg=0&dl=https%3A%2F%2Fbook.hacktricks.xyz%2Fwindows-hardening%2Fav-bypass&dt=Antivirus%20(AV)%20Bypass%20%7C%20HackTricks&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=878
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-45K19GNPSL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://book.hacktricks.xyz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
557 B 81ms
24ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-45K19GNPSL&cid=934558745.1733473265&gtm=45je4c40v9103541025za200&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPl2l5l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-45K19GNPSL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://book.hacktricks.xyz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 107ms
44ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-45K19GNPSL&cid=934558745.1733473265&gtm=45je4c40v9103541025za200&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPl2l5l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=1786991886

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 06 Dec 2024 08:21:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 6vtHQHG
cdn.iframe.ly/ Frame 10F6 0
0 2ms
0ms Document
text/html 2600:9000:2490:ce00:e:e47a:54c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/6vtHQHG
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ce00:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / iframe.ly
Resource Hash

Request headers

Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1879
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 07:49:46 GMT
etag: W/"a4ceb7cff87440debce01723ff3f495c"
expires: Fri, 06 Dec 2024 08:49:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id: kHCjd80w83vJkIzHBXK1xf4CNkBiYnPTY4WtX8SFYGe6EzAYPzieLQ==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-powered-by: iframe.ly

GET
H2 200 4vQfee1
cdn.iframe.ly/ Frame D269 0
0 2ms
2ms Document
text/html 2600:9000:2490:ce00:e:e47a:54c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/4vQfee1
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ce00:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / iframe.ly
Resource Hash

Request headers

Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1879
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 07:49:46 GMT
etag: W/"672d8f1359d487233d45f3873a4bb853"
expires: Fri, 06 Dec 2024 08:49:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id: T5Q1p4VlF_0oC6aVnSEmcfndflLK-h8XGQfBxrW7Ffft2FTn7Qmzxg==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-powered-by: iframe.ly

GET
H2 200 21WBdCD
cdn.iframe.ly/ Frame 8382 0
0 2ms
2ms Document
text/html 2600:9000:2490:ce00:e:e47a:54c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/21WBdCD?app=1
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ce00:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / iframe.ly
Resource Hash

Request headers

Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1879
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 07:49:46 GMT
etag: W/"4251fcd69bfc95d9f4d3139ba73c9a2c"
expires: Fri, 06 Dec 2024 08:49:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id: i5tCgH9_HKxaBh0VpzxnLAhA5YTXjB512MpcDg6dZBlsRIItUXlaYw==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-powered-by: iframe.ly

GET
H2 200 xmark.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 485 B
389 B 48ms
47ms Image
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/xmark.svg?v=2&token=a463935e93
Requested by: Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f4b78072b864e10fa420f11ec65288ac46fd785f638fb65a71c3ee16451fa9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://book.hacktricks.xyz
Referer: https://book.hacktricks.xyz/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a25f-1e5"
age: 6278122
cf-ray: 8edadc4648aab96f-AMS
access-control-allow-origin: *
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:27:43 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H3 200 / Show response
book.hacktricks.xyz/ 5 KB
3 KB 50ms
50ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bc2db27d52e7088902d87d48f5cb22e7eb3ad3479c14712c53687994283b923

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MzkwNWEzNjItOTVjZi00MDc2LWJkZGUtNWE5NmIxZWQ4MjJm' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BdrlM2dDAcgiAGzpekuAt2iD2%2B05%2FT8gZcKjJ91vrV%2BuHU3Jg6cMgAnf8%2F1KUeDTu8hFqrcHOE2jmZK4hKVFBWxmL9CKO%2BtDOkQ3nzk2PFC8D27JCU5PE4J4knTlhbN0FOTR11xxcjS2BOalQ5aU"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:17 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MzkwNWEzNjItOTVjZi00MDc2LWJkZGUtNWE5NmIxZWQ4MjJm' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc46b9db66db-AMS
server: cloudflare

GET
H3 200 __session Show response
app.gitbook.com/ 52 B
6 KB 208ms
207ms Fetch
application/json 172.64.146.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/__session?proposed=93dd2895-f6eb-4e97-b323-2ccf75f080d2R

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/app/(site)/(content)/layout-fd3a9c9d5877f0e7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.146.167 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

4bfb02d2bd4718f78dc3b21ef4481b5ffd6f2208b71ddf83329a0a2707e6aa59

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com integrations.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com track-eu.customer.io track.customer.io customerioforms.com eu.customerioforms.com .api.gist.build .cloud.gist.build api.getripe.com us.api.getripe.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' integrations.gitbook.com app.gitbook.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://.algolia.net https://.algolianet.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.amplitude.com https://static.cloudflareinsights.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://assets.customer.io https://code.gist.build https://customerioforms.com https://eu.customerioforms.com https://.adroll.com http://.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net storage.getripe.com us.storage.getripe.com .opentok.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net code.gist.build; img-src data: * blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/ track-eu.customer.io track.customer.io https://.adroll.com http://.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net images.getripe.com storage.googleapis.com us.images.getripe.com us.storage.googleapis.com; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net assets.getripe.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network https://beacon-v2.helpscout.net renderer.gist.build code.gist.build; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src .intercomcdn.com https://beacon-v2.helpscout.net *.mux.com blob:; frame-ancestors app.gitbook.com; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"34-CBUtkK2X1nIpUaWUuTv1F48LUDg"
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 08:21:05 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS
x-release: gitbook-x-prod-10.9.987-318c7c93cae34891626c033d1c91ddd9f91b2fed-12178430220
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-cloud-trace-context: 460d6e1d1072bf4429ab0a9dd7f025b0
priority: u=1,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com integrations.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com track-eu.customer.io track.customer.io customerioforms.com eu.customerioforms.com *.api.gist.build *.cloud.gist.build api.getripe.com us.api.getripe.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' integrations.gitbook.com app.gitbook.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://*.algolia.net https://*.algolianet.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.amplitude.com https://static.cloudflareinsights.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://assets.customer.io https://code.gist.build https://customerioforms.com https://eu.customerioforms.com https://*.adroll.com http://*.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net storage.getripe.com us.storage.getripe.com *.opentok.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net code.gist.build; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/ track-eu.customer.io track.customer.io https://*.adroll.com http://*.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net images.getripe.com storage.googleapis.com us.images.getripe.com us.storage.googleapis.com; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net assets.getripe.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network https://beacon-v2.helpscout.net renderer.gist.build code.gist.build; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net *.mux.com blob:; frame-ancestors app.gitbook.com; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
cache-control: private
server-timing: cfExtPri
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
via: no cache
cf-ray: 8edadc470bfb0b83-AMS
x-magic-hash: f0225ec3bd13b241e7c7abff809784bed27a3770d485cb94b4ede31b40fc1b19
access-control-allow-origin: https://book.hacktricks.xyz
content-length: 72
function-execution-id: gxjaec0j91jo
x-powered-by: GitBook
server: cloudflare

GET
H3 200 hacktricks-values-and-faq Show response
book.hacktricks.xyz/welcome/ 5 KB
3 KB 46ms
46ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/welcome/hacktricks-values-and-faq?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78fc197427bdafab7cf6f4fc940507ffc5fc37a61747ac1a029b2a1951736673

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NmI1NmZiZWMtMjY0ZC00MDUyLTgyNGQtMTg3NmJjOTcyMmY0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bx0LyqI1M5lyIgeJZ2xLGkOFeLeNWJENpVzzAwiKKrh4up7qOEach1xFzwHcYtv0C%2BMIMHntqJWXNfmHpD9EA1vsOQ52TFWdF1GJwQrl%2FcG9RjxSf5V1UsQ%2FDnT4S7jAZ%2BniIGt3waTyDW20Q5wK"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:16 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NmI1NmZiZWMtMjY0ZC00MDUyLTgyNGQtMTg3NmJjOTcyMmY0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc470a2866db-AMS
server: cloudflare

GET
H3 200 about-the-author Show response
book.hacktricks.xyz/welcome/ 5 KB
3 KB 53ms
52ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/welcome/about-the-author?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0891c70111cc5ef2ed46fa0717afcc4822512b144d042a58f87e77267a9e66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NDY1YmFmYmQtNjQ4ZC00YTY2LTk4M2EtOTg1MDdhMTQ1MzIx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBzlIsNkLd3ioAclQaIJmiQrWb2ALOzJdPRyyW2jrWVb7UqMwN2mVDg17%2BaPYIZ%2F3qSL1xTJQ4%2FIdhC9VSTUKoCKFw4jmSu%2FVgk9dcRiBosb1V5RT01EyQtsVfatkIT1Et96PTH3wtbnz6ymHjxt"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:17 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NDY1YmFmYmQtNjQ4ZC00YTY2LTk4M2EtOTg1MDdhMTQ1MzIx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc470a2966db-AMS
server: cloudflare

GET
H3 200 pentesting-methodology Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 72ms
71ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/pentesting-methodology?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ac231778047ec38b569dbc4a92d213ef180172a8870762e2542c4fd6f460c9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-ZGYxMTg0MWMtNDQ1NS00MDI1LTk3ODktNjY2ZDcwNWRjNDRi' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKIRbb%2F9f7GT2wqiWXaB06VUru%2F50Xnsl6cTGD2L61v1cXywJFQj2%2Bs9OFdRnytnls06chVXArW3xQH%2BDt%2B4VPoXpauyihTOsb%2BunI8jDVAlejQQGBZPki3uq4Vsjh%2F0jp9ejIxLLkqUQw2gRAaZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:17 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-ZGYxMTg0MWMtNDQ1NS00MDI1LTk3ODktNjY2ZDcwNWRjNDRi' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc470a2a66db-AMS
server: cloudflare

GET
H3 200 external-recon-methodology Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 62ms
62ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/external-recon-methodology?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5dcc33a6e850f1e0aa992b52864cd3d800cd709deae3c5feccb5d93973fbc11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-N2FiZDc5ZTktZGFhNy00OGYyLWE5YTgtYmRiZjJmYzVlYTE3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwDlL8mfPHq3La43DjwYN%2B6EOZ4f3zZQQ2lYwrnb2A9uS7a%2F1s7JAOkJak%2F6v7%2FXqYaRVuPQt9c4zQUR2euM%2BjQ8148CAe42YeH3z77%2Fn%2FBNwuZUBTegx1apk94GQB5JmA1JooYqUVV913kgEghT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:16 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-N2FiZDc5ZTktZGFhNy00OGYyLWE5YTgtYmRiZjJmYzVlYTE3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc470a2c66db-AMS
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 10 KB
11 KB 156ms
155ms Image
image/avif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252Fgit-blob-ce8af1068db7be4ad9003f8ddb02fea8f943f1a4%252Farte.png%3Falt%3Dmedia&width=40&dpr=4&quality=100&sign=b69737ad&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5791c65ca557a203bb77914aeec06c626b01c97890a0e37f5a2fc788708a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfTvQdEGkqUyZ7reSJBK_GjSirCg1WoIuA24ZSgwTxDQ:91ae5ec34b7bf741255ee7080b7c4368"
age: 40324
cf-bgj: imgq:100,h2pri
cf-resized: internal=ram/m q=0 n=225+0 c=42+131 v=2024.6.0 l=10383
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRIUWfTygpWULiJ5SSae5GqpE5C%2F1NGtNaf2fVDverVeaqvlBD225KMcztpI0D88xxnoyQyP5bSSsaV2vdeMI%2BRvpBbcbNks3Nob3n4pxpvnKUibowTytR3jBk%2F5HIHhrFE4mnxYjXNIdnbYzNEs"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "dpr > 3 should never be used"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/avif
last-modified: Thu, 18 Jul 2024 16:15:36 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc479acc66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10383
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 11 KB
12 KB 107ms
107ms Image
image/avif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252Fgit-blob-54ee1fb931f39d1e6f50150361b6aa1927f4ee88%252Fgrte.png%3Falt%3Dmedia&width=40&dpr=4&quality=100&sign=6aebe399&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3481cf80a982dbe5a22147066f25bbdb9c4a3d2cf18de55f8256eb46a730a35d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfB5qlY1h1_cXZSBMjWgEP6iLNCg1WoIuA24ZSgwTxDQ:6fe8649693222b22819a1e430fdcf581"
age: 111917
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=36+86 c=29+57 v=2024.10.6 l=11205 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kns3bF71jeAzSDZat7HONVXN7Gu81VP56LTBxqC0aTYhei9zRv4BD3%2BmdJ%2BfAWZOM3fXLTmPPsyRRsKIZIRLQ8EvmzAXh7shCR48kL8i5xZGZNivcauC%2BlGKBuXTIwcdwDtW1kXA2IacubTeGcWe"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "dpr > 3 should never be used"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/avif
last-modified: Thu, 18 Jul 2024 16:15:37 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=3,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc479acf66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11205
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 76 KB
76 KB 156ms
155ms Image
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FdMdbB38KOW7LLfsck5D1%252Fimage.png%3Falt%3Dmedia%26token%3D09a37f36-0865-49b8-ab36-61f45a145f3d&width=768&dpr=4&quality=100&sign=a94de624&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc3e4f939379c5ca1cfd209b44663ee2b0f6b031eac932351b5b8d70cb91abc8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfINNN-b1-fY392LTQCKhI-grkdVzuGkxbo9totcBpDQ:3b3ff7025b5ab3c33fbabc8b280f6772"
age: 80611
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/m q=0 n=260+139 c=0+0 v=2024.10.6 l=77370 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mosG3VXUzBgDwIbhlEVga33kbgOShs6EEj2fydoqrWFapeGBsgX7rveODFTmTysAcYM6YVmQdRw5CpjGBmfY5aEwE7lXJLCp9qbx42IuAN6AHxnU%2F0gzFNoFSlk%2BS%2F39j4BNCky6KHaO295s2xY4"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "dpr > 3 should never be used", cf-images 299 "original is 145498B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/png
last-modified: Sun, 11 Dec 2022 17:55:22 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=5,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc479ad066db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77370
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 117 KB
118 KB 135ms
134ms Image
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FVayPWsIk70sFM9PNboGc%252Fimage.png%3Falt%3Dmedia%26token%3D89185e70-e11b-4a0d-8e74-ae06d368fc2e&width=768&dpr=4&quality=100&sign=6dd1d347&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb48f684fd85ea8837d297114961d712749759bdc03b64fbc856a2df3ae900e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfftxjQ5JzUpK8Oh0vkuns02BXdVzuGkxbo9totcBpDQ:f7e017362ac050b435fd6ffc986c224c"
age: 155585
cf-bgj: imgq:0,h2pri
cf-resized: internal=ram/h q=0 n=0+340 c=0+0 v=2024.10.6 l=119899 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jL%2F%2BwfLQokKtJHeZTY6CeO9KcTmuYmFGR8KNwF7Zme49dDEBaqUp7EohmX4NA4HYiDGsrQCVL9qDGgApP3HKV1asJV4WdhnLayxmiaddgkyCKynrwBDMVvzsOYsFEYrwxK9%2BP0qHLrlefoawZxvG"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "dpr > 3 should never be used", cf-images 299 "original is 534865B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/png
last-modified: Sun, 11 Dec 2022 17:56:09 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=5,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc479ad266db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 119899
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 50 KB
51 KB 123ms
122ms Image
image/gif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252F751CmVqrSKBBMyvSpoAf%252Fsharpdllproxy.gif%3Falt%3Dmedia%26token%3D027e90ff-03b3-4c73-820b-02903cc91bbb&width=768&dpr=4&quality=100&sign=cbbfe0fd&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd0631963b09c6186809d6f2bbee60c36b376b86e4b3229357724830c3f44de4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cf4yC-aNtMLwR0tcfdFy1JWSF9dVzuGkxbo9totcBpDQ:17ccfa8f1bd3a6416a9a3b3aeb741174"
age: 155585
cf-bgj: imgq:0,h2pri
cf-resized: internal=ram/h q=0 n=0+1811 c=0+0 v=2024.10.6 l=51539 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8xrT0OZ%2FBKbYXKNVB87z7fdINDeDRfRuRe8Rp19ehwEjkpOklntTx6MexQNJrskdor543x7CsJ%2F2XmIm%2F2XRAKiRmzwvda%2Fz69TJnfBkocT2Grj12chNx47zwllcCpN9YH0iuHOIuRfIYON74x3"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "dpr > 3 should never be used", cf-images 299 "AVIF anim not supported", cf-images 299 "animation too big for WebP", cf-images 299 "original is 6384B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/gif
last-modified: Sun, 11 Dec 2022 21:24:53 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc479ad366db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51539
server: cloudflare

GET
H3

200

spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FXywFIidnKNlXurK0JkTw%2Fdll_sideloading_demo.gif
129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/
Redirect Chain

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FXyw...
https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FXywFIidnKNlXurK0JkTw%2Fdll_sideloading_demo.gif?alt=media&token=51f829f3-2c76-...

629 KB
0

0ms
0ms

Image
image/gif

172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

fa5ee8e029db3a55be6a13d3d3178d8f6d9d15a400db3a88a6d3db518d622902

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-goog-hash: crc32c=1xEjyg==, md5=Zm9IRqZxtYHTOUNaoR+dPg==
cf-cache-status: HIT
etag: "666f4846a671b581d339435aa11f9d3e"
age: 241337
x-content-type-options: nosniff
x-goog-meta-height: 582
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-type: image/gif
content-disposition: inline; filename*=utf-8''dll_sideloading_demo.gif
last-modified: Sun, 11 Dec 2022 21:25:33 GMT
x-guploader-uploadid: AFiumC6vgvcsKLQE69Hzn3rHZR_wHGolSicTyC6Hh1UfvJLTNGpJWZP4mDCyonix0RNgEuXHHNc8xCWhEA
priority: u=3,i
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
x-goog-generation: 1670793933231881
content-length: 644339
x-powered-by: GitBook
server: cloudflare
x-goog-metageneration: 1
cf-bgj: imgq:100,h2pri
x-goog-stored-content-encoding: identity
expires: Tue, 03 Dec 2024 14:18:47 GMT
cf-polished: origSize=767415, status=cannot_optimize
x-goog-stored-content-length: 767415
date: Fri, 06 Dec 2024 08:21:05 GMT
vary: Accept-Encoding
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: 51f829f3-2c76-48ff-baa0-8e9cda28d7e2
x-goog-meta-width: 1787
cf-ray: 8edadc43c990f5ef-AMS
access-control-allow-origin: *

Redirect headers

x-gitbook-cache: skip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FXywFIidnKNlXurK0JkTw%2Fdll_sideloading_demo.gif?alt=media&token=51f829f3-2c76-48ff-baa0-8e9cda28d7e2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IFJFC3lGKsZyiwnZOg2b7nq8CfZtDAujjN7m3UQx%2B3Db7LS4CGIu8pa6k0FDxgPCqfkKTLot60MMHTNyahlN0itrKJ57C7dEw4zXfSS5BdTOMgIEbdStA7YZazicWtm4fgsYFs6ZEo06Jw1LNbd3"}],"group":"cf-nel","max_age":604800}
cf-ray: 8edadc479ad566db-AMS
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Fri, 06 Dec 2024 08:21:06 GMT
cf-placement: remote-SJC
vary: Accept-Encoding
server: cloudflare
priority: u=3,i

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 109 KB
109 KB 174ms
174ms Image
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FzZb1HvWlE8tjApo7Dqur%252Fimage.png%3Falt%3Dmedia%26token%3Df2dba7a9-bc81-40df-8bf5-ded1be286384&width=768&dpr=4&quality=100&sign=b31b7d7d&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60e52351d2ec23449fee6951d8379dd60ca9bcff29705f08d2cb8ab4457dc351

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfpqKri4oEgKA_xdV1MNI7mdqldVzuGkxbo9totcBpDQ:934c19e6395d9c30916a37ccaf2d559e"
age: 155585
cf-bgj: imgq:0,h2pri
cf-resized: internal=ram/h q=0 n=0+220 c=0+0 v=2024.10.6 l=111107 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qf9jpRpBFIDyc0hV4tg%2FqG7YyyeE17Puk90uySM32ykkLU2QByVhV5RHGIaWpSW7iv0PBBWRFO5VBvOXyerZjWwyEIPTPndgrfCpZUB75DZwusJd1KS9KGmOBLydMtWN1z5nzEL808Cshc6%2B9l6q"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "dpr > 3 should never be used", cf-images 299 "original is 461366B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/png
last-modified: Sun, 11 Dec 2022 19:20:13 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=5,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc479ad766db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 111107
server: cloudflare

GET
H3

200

spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FogNqFSNmZ066yHq7hgvQ%2Ffreeze_demo_hacktricks.gif
129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/
Redirect Chain

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FogN...
https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FogNqFSNmZ066yHq7hgvQ%2Ffreeze_demo_hacktricks.gif?alt=media&token=14182ec0-ed8...

674 KB
0

0ms
0ms

Image
image/gif

172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/windows-hardening/av-bypass

Protocol

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

11aec833519062b2fc6b34b0ead7a12010703a1b922750b21e231d3e51c815da

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-goog-hash: crc32c=XU2GiQ==, md5=d9Xh2PV9Cpdx8FIgfeZqMw==
cf-cache-status: HIT
etag: "77d5e1d8f57d0a9771f052207de66a33"
age: 37178
x-content-type-options: nosniff
x-goog-meta-height: 600
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-type: image/gif
content-disposition: inline; filename*=utf-8''freeze_demo_hacktricks.gif
last-modified: Sun, 11 Dec 2022 21:26:01 GMT
x-guploader-uploadid: AFiumC4Er5KP_YGEaezo6nyAcJY7RkanUwAKDe8D0VxfvsroFuIkTTdoJVawvBPkpmEzxBgmY_A
priority: u=3,i
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
x-goog-generation: 1670793961686376
content-length: 690217
x-powered-by: GitBook
server: cloudflare
x-goog-metageneration: 1
cf-bgj: imgq:100,h2pri
x-goog-stored-content-encoding: identity
expires: Tue, 26 Nov 2024 14:37:01 GMT
cf-polished: origSize=818949, status=cannot_optimize
x-goog-stored-content-length: 818949
date: Fri, 06 Dec 2024 08:21:05 GMT
vary: Accept-Encoding
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: 14182ec0-ed87-4541-ad23-3f71d7f821f3
x-goog-meta-width: 1920
cf-ray: 8edadc43a918f5ef-AMS
access-control-allow-origin: *

Redirect headers

x-gitbook-cache: skip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://129538173-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L_2uGJGU7AVNRcqRvEi%2Fuploads%2FogNqFSNmZ066yHq7hgvQ%2Ffreeze_demo_hacktricks.gif?alt=media&token=14182ec0-ed87-4541-ad23-3f71d7f821f3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWfWnaE4G3d2%2FzOtBJTTuf7WkZ1sheNXZ9hUHPQQtxFxQsUE8oOtc%2BO73NKPHulyQE1p%2F3qdTCbQBW6ctcnOgD32mKFswibQJAzRvCW8jZyevHQgOU%2FQBoHTQC7hIach0W6iKf9xlkgsEEi9oc0L"}],"group":"cf-nel","max_age":604800}
cf-ray: 8edadc479ad866db-AMS
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Fri, 06 Dec 2024 08:21:06 GMT
cf-placement: remote-SJC
vary: Accept-Encoding
server: cloudflare
priority: u=3,i

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 24 KB
25 KB 138ms
137ms Image
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252Fg0O4mQMWjEeb6TdWT1Cz%252Fimage.png%3Falt%3Dmedia%26token%3Dc0878b83-780b-4488-a39b-e9f51a4f15bb&width=768&dpr=4&quality=100&sign=73788143&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec12eadda8cdc9627f9fcc9b8cca05d754165f881929b778f3ef1657e5ca897c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfjLtzs6UauNTuNzUvd50pV4lGdVzuGkxbo9totcBpDQ:984f46f16a103282066b46fe8363e36d"
age: 155586
cf-bgj: imgq:0,h2pri
cf-resized: internal=ram/h q=0 n=0+87 c=0+0 v=2024.10.6 l=25066 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQWR2PZoAoTBKAnZ2dNgpDzz6sm4jRU5v7yKohSEmdhZpwv3tImlVc1F99oOkw81A6Chgcsni8Tc6AsxUd%2BzDdkTca15lNtsv11Qlm7weHHB4B7qWt9AYvioaWajGg33MQRE0jbqQGp2VsoIYHxz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "dpr > 3 should never be used", cf-images 299 "original is 167448B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/png
last-modified: Sun, 11 Dec 2022 19:23:02 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=5,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc479adc66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25066
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 1014 KB
1015 KB 175ms
175ms Image
image/gif 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252Fcg011KP3DzciaxqY0UWE%252Fpackmypayload_demo.gif%3Falt%3Dmedia%26token%3Dbf2601c5-3cd3-4ca4-b2df-5f6c5df4cd88&width=768&dpr=4&quality=100&sign=18c99a39&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fd85634af321096efb353874247868a2338c72707a1cdb41b687c8ac96ecb5e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfpuI84aDzE9WOIQdt-B7LwxoKdVzuGkxbo9totcBpDQ:29e9384e090f37630378f3489c542943"
age: 155585
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/h q=0 n=35+77 c=0+0 v=2024.10.6 l=1038560 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDIASjBSGPbDsrg%2FrypgrapIVfjO4wYTQ%2BkTPaqQoBsyB4dtjZOGhXLACKJZza3MquDO%2FaWd31CLii2GqeStUvY%2FApg8YKPvF1IYA2RcdYc9sdBZf%2BLYIszomcwtB1sdReJdbErlq7RaGvkV6YlW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "dpr > 3 should never be used", cf-images 299 "animation too large, passing through unchanged"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
content-type: image/gif
last-modified: Sun, 11 Dec 2022 21:26:41 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc479add66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1038560
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 59 KB
60 KB 207ms
206ms Image
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2F129538173-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-L_2uGJGU7AVNRcqRvEi%252Fuploads%252FW3eVOL29waBKmCNp3cs7%252Fimage.png%3Falt%3Dmedia%26token%3D0c176b92-ad78-4e23-acd7-712a219b6211&width=768&dpr=4&quality=100&sign=96a2b70&sv=2

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e288d2f0e045be5d45b6013622071cc4360c40382628dc0b3041cf2f1cfea79

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfvC_nqrqh40h-AMMF9-qwnSPjdVzuGkxbo9totcBpDQ:de9d46c6388b2ac0dbe1acc73d50d8f2"
age: 155585
cf-bgj: imgq:0,h2pri
cf-resized: internal=ram/h q=0 n=0+188 c=0+0 v=2024.10.6 l=60307 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfRCDKwjZoVEybPF2q5exGvUkI0Kkigl%2FCT8%2FcCBiAMflVcJJJlQITsqzD4qVD%2F1Rajra4PzFFhysm7HJEm0fOfoBbsvrj5Ph%2F2tLqd0cU7kPqkdeD%2F7TLa9ZJ%2Fm9B%2FENpfY4QnYsdJltQ3vzZez"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "dpr > 3 should never be used", cf-images 299 "original is 219933B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
content-type: image/png
last-modified: Sun, 11 Dec 2022 19:24:23 GMT
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=5,i
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc479adf66db-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60307
server: cloudflare

POST
H3 200 av-bypass Show response
book.hacktricks.xyz/windows-hardening/ 897 B
2 KB 718ms
717ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/windows-hardening/av-bypass

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ea7e8aa9bf4351ddc47fb1566f1eab2977e697e6ce8aaaa7a273f8c098e81ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MWMxMDU4MzAtYmE3My00NTFiLWIyMGUtZGExNWEyMjY1Mjg0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Next-Action: 8fcc83514372ae2e5d2d076f57e4caeb12df4767
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/x-component
Content-Type: text/plain;charset=UTF-8
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: skip
x-action-revalidated: [[],0,0]
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.987,site:site_ysCdm
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EtocURQ9WaGbmYsKxs1LQHNTNnlnoIb%2Bi%2Bo%2BpxxpVOv6dOFUA4xj6GCr3cX5qOY9QVgBQHwuYxPnMbJBp6GQv6e30o37xGXlyoXjHm99mb6ywGaP5dhJowMjHESvTobVZtitgeqOAnWuCruzroyM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MWMxMDU4MzAtYmE3My00NTFiLWIyMGUtZGExNWEyMjY1Mjg0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc479ae066db-AMS
server: cloudflare

GET
H3 200 pentesting-network Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 151ms
151ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/pentesting-network?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

889837f12e5dcbd9198382501c3a45f707fe8719b3e16c3ecc669934f7c71a45

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MDAzNjc2NWYtZDk1Mi00NWNjLTgwZWEtZmYzMzJlOTk2MTBi' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1ds2RJ%2BrKKkstjvnDZxu%2Fy%2B5FNjM5hdIteSkwS4qwOin4Esd3wJgG5eIuIWaG9bHLukaURA1SQNVjn%2Fjw7EXALkFxgPyi21c0WGvecn%2BnPKGDde9DhnICD4qidS14Bmd%2BsjRGDO1zzzg0m7ioyL"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:20 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: local-AMS
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MDAzNjc2NWYtZDk1Mi00NWNjLTgwZWEtZmYzMzJlOTk2MTBi' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc479ae566db-AMS
server: cloudflare

GET
H3 200 pentesting-wifi Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 179ms
179ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/pentesting-wifi?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7460db3be9028d3324a7cbf0c6064ba017a505236ccd0d8bc01ba1dc7f483858

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MGIzMTU3YWEtZjUyOS00OGQwLWIxNTgtMDUxNDEzYmRmODI4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xaMENpSJ6lITyeH9k9EEd1bjFcbTSBzFG8otnq3G7dhNmRTMIRmGfm44k%2BugwHZ4v27im4EdaxoTaVtGzpJWSfKzYJeHZCaqqsQ%2BDJAXmPizfr2%2B6AyVjopsEMfJoURhC1HwcqwWQ0lLFe%2F1ReIw"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:17 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MGIzMTU3YWEtZjUyOS00OGQwLWIxNTgtMDUxNDEzYmRmODI4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc479ae666db-AMS
server: cloudflare

GET
H3 200 phishing-methodology Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 144ms
144ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/phishing-methodology?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b550a5d99a6956b35ba107f91ef686935e13669df1ba59b880cc462346fa34

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-N2I4NWYwZjYtMmQzOC00M2IwLTgzNDAtN2IxMWE2YzBkZTgw' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5krFlQKk8OB0CZ1GQUCiUsKOg%2BGbVY0WnodD7l1%2F0xiCEBaBlh9UFrBjpU11A7f6b4a%2BxVtgRzT52cqPl6ynoTV%2B0%2B%2FQen1luGkP7iwRFCRFuuvzPuHtu2jGwT5DL6Ee62lYvJF0l8drXuTLz%2F4"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:17 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-N2I4NWYwZjYtMmQzOC00M2IwLTgzNDAtN2IxMWE2YzBkZTgw' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc479ae966db-AMS
server: cloudflare

GET
H3 200 basic-forensic-methodology Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 133ms
133ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/basic-forensic-methodology?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c05420d185aa8ae4447d406de1499907a8f06e842e27096cad4abf01a1b72a20

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-Y2MxYzkzNDItNGIwMS00OGZmLThiNmQtZWNlZDA2ZmJiNTZk' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCNLlYYh%2FRIsbuW74HDWYaBvNzRVahNAalhC3%2B6wmA9Z5RavuMRH%2B1MIcpQUX%2FbyVdCjOkv%2FvfAFKCTwaBQTqVj%2F6UO2iC4t49oiYuc8PQKp%2FKvbXFvLZhZfZdF4xhgz7Vavn8f0LprLVQGFP5Mw"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:17 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-Y2MxYzkzNDItNGIwMS00OGZmLThiNmQtZWNlZDA2ZmJiNTZk' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc479aea66db-AMS
server: cloudflare

GET
H3 200 brute-force Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 148ms
147ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/brute-force?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7466a78dbed3f23e3e077222a760bef941d21c0cd3758d033de04f1c9704be88

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NjU1MDRlMmQtMjg2NC00ZGNmLTg2YzAtNjk1ZjFlOTY5Zjdi' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJUpgp%2BXwx9kqgUqysRFDKkqMyxeDSrIjYHyjJSDwWffU1F764ltXD59BOHWL1zwzRXqsq9lJjAzhP377sP7kvueCyvTq%2Biz5s%2BhcnnVxHWBTNESUWkB4yJY6Unx1S5j2QFAHxACm8crQbhVg4vI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:05 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:17 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NjU1MDRlMmQtMjg2NC00ZGNmLTg2YzAtNjk1ZjFlOTY5Zjdi' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc479aef66db-AMS
server: cloudflare

GET
H3 200 python Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 66ms
66ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/python?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b68bffdbbe1e58d9581c53c4c31de8ce9d6e2d839b7fc11881d9e8558a96efc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MWM2MTg2NTEtMzJjYi00OTk0LWIxMDktNDc0NDliZGEzZTQ3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJ4SN9g9BaqtfhEXPDzwJbv1VPbDYzPh66%2Fop6ZzUXg%2BrKsQ38xFa%2BwiZfoxy5DOyeAdfNUaCb6xDiR08fMEX%2F8HWjgvnzzvWvfNuDpv32bXc4RSv70CJR3z9dXsGprlF0x%2FSaDg989su8gB7TbS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:17 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MWM2MTg2NTEtMzJjYi00OTk0LWIxMDktNDc0NDliZGEzZTQ3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc485b9566db-AMS
server: cloudflare

POST
H3 204 track_view
api.gitbook.com/v1/orgs/Iwnw24TnSs9D9I2OtTKX/sites/site_ysCdm/insights/ 0
0 185ms
184ms Fetch
text/html 172.64.146.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gitbook.com/v1/orgs/Iwnw24TnSs9D9I2OtTKX/sites/site_ysCdm/insights/track_view

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/page-bb35daef9f1179e4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.146.167 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

access-control-expose-headers: location,x-gitbook-execution-id,x-gitbook-mutations,x-gitbook-subscription-channels,x-gitbook-subscription-urls
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 06 Dec 2024 08:21:06 GMT
content-type: text/html
vary: Accept-Encoding
x-cloud-trace-context: 19411151eeb141ccc4ed33d211d38853
x-frame-options: DENY
strict-transport-security: max-age=3600
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc48bed3f5cb-AMS
access-control-allow-origin: *
x-gitbook-execution-id: d8365aabcf9841c0
x-powered-by: GitBook
server: cloudflare

OPTIONS
H3 204 track_view
api.gitbook.com/v1/orgs/Iwnw24TnSs9D9I2OtTKX/sites/site_ysCdm/insights/ Frame 0
0 60ms
40ms Preflight 172.64.146.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gitbook.com/v1/orgs/Iwnw24TnSs9D9I2OtTKX/sites/site_ysCdm/insights/track_view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.146.167 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://book.hacktricks.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-castle-request-token,if-unmodified-since,x-gitbook-trace-id,x-gitbook-span-id,x-gitbook-criticality
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-expose-headers: location,x-gitbook-execution-id,x-gitbook-mutations,x-gitbook-subscription-channels,x-gitbook-subscription-urls
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-ray: 8edadc487e51f5cb-AMS
date: Fri, 06 Dec 2024 08:21:06 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=3600
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: GitBook

GET
H3 200 exfiltration Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 59ms
59ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/exfiltration?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e447d9655e2799586f3c8d9a0add612f83f5d60588ed56d6a96fe36a37bbf40e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NTU3NGQ5NWItN2Y3Mi00NDVhLWFmZjYtNWIzZDcwMjY1OGU2' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PkAE3ODqjjIggr3878ZDEjh90BvN4BCh2AbeSL5yREhYtEMkbxMmeDgY4EGxi5dAnlN7IjDJtHwKnvYRd36af2TBSzMheqP2obQeOUIKyXZBS0bfZrbFKXt8khz9f9YAF9QbX44kFZGwfEW1HLVm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:17 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NTU3NGQ5NWItN2Y3Mi00NDVhLWFmZjYtNWIzZDcwMjY1OGU2' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc485ba466db-AMS
server: cloudflare

GET
H3 200 tunneling-and-port-forwarding Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 52ms
52ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/tunneling-and-port-forwarding?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ba96c861932efc114634bcb1c964628f19c444780ea0ef4a1e1450e276d34df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-YzQ3MmRmNmQtZTUxNi00MTNiLTgyOWUtNzRjNTg0YTBiMmQ4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yT5lhxEmRZ4z46EBcLiFdFhOpBoW%2FiC0PPC4lWAjfR2%2BbLN0l%2Fik2wK%2BkYwTk7qeDwSpBnLNwqp2254KkLGCOvcDSyd9SgqQ73nlnNeO%2BnR18BRsiYMUC3UxjaD4un8h8fDRNArje3JB6los4X60"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:18 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-YzQ3MmRmNmQtZTUxNi00MTNiLTgyOWUtNzRjNTg0YTBiMmQ4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc486bad66db-AMS
server: cloudflare

GET
H3 200 threat-modeling Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 53ms
53ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/threat-modeling?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7db5fb8313e34b49e80138ade8e83e5b68ce0b48eb623f0564ccf657f23c432e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-OGRhNmQ2NDktYmZmZi00ZGRiLWFiNjktMmVjZmE3MTgxMmUz' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ERn5JMwkPoIjGMKWWXYiToNW7OiZ0LC8GOHywEl7%2BlNGoJnr4gQbUJ5dWKe58EwFU4nNPrP3pZIk5656dxcrGtW8X67dJV%2B%2FsmdFW6QS2DzqMyDPILl7dS3MZsOfHP66ESXqDE302Di5GXWtYyfJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:18 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-OGRhNmQ2NDktYmZmZi00ZGRiLWFiNjktMmVjZmE3MTgxMmUz' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc486bb266db-AMS
server: cloudflare

GET
H3 200 search-exploits Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 46ms
46ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/search-exploits?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec02e991d4ad7462e67fa5b905eec449119330f7021c0b062733050725d8f9c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NWVjODBiYTItYTY3ZS00Yzk2LWFjMjgtMTY3OTcxMTJmYzIz' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=16Axd4FFuKbKJj%2Bjs1Q4aH9%2FyKEtXnIUHcVLMYujn8Vv%2FOd9o1NEpipibSFvRlDRVZ%2FBp%2BEHyunVHN1qAPPSK8oEoxt6WgkTzVmTwlpMAOIeS8KH1Rqgc9g6tVX4FCGNWR3r3pm6QKFMqsugNY5F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:18 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NWVjODBiYTItYTY3ZS00Yzk2LWFjMjgtMTY3OTcxMTJmYzIz' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc489be966db-AMS
server: cloudflare

GET
H3 200 reverse-shells Show response
book.hacktricks.xyz/generic-methodologies-and-resources/ 5 KB
3 KB 53ms
53ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/generic-methodologies-and-resources/reverse-shells?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b4fd140e46275980eba9833d549a6bfe6200b34fe9125c333aa94147f4c42a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-OWJmZWJmZDAtODViNi00ZGUzLWEzNDUtMjQzN2QxNjQ4Mzg4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrtTK40QYgztE4SPrnzdqu8PxDxgb65%2FUZRxHUblylSYReNKh2W7sHl9zYV8U4k1NW8l7dfxisr%2Bie%2FiyQb2QDkRwpfXpvuKp6VwiUS2prdSqS8tI3C%2FJIEpwiwcrtrgRLKale2XqvjZzocOj8I4"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:18 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-OWJmZWJmZDAtODViNi00ZGUzLWEzNDUtMjQzN2QxNjQ4Mzg4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc48bc0a66db-AMS
server: cloudflare

GET
H3 200 linux-privilege-escalation-checklist Show response
book.hacktricks.xyz/linux-hardening/ 5 KB
3 KB 66ms
65ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/linux-hardening/linux-privilege-escalation-checklist?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

692d37fc6d63f7da63122fff44e845a353c23b1f3dfcce901f02ba2ecb504b67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-ZDQ5NTYzOWEtOTI4Mi00YTQ4LWEyODYtOTcwMzNiNjAxNGY4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZCjW0jav%2Bxd2karlP%2Bjf5rfYwP2dGd540zX8AaNIKSclUKhjXtlF7lqRD%2BgnsuEYuexlrS4Dqw5XHWg5j2QfTDiXWK3XfF4folHHdw2aKH%2BpakeX7eojDLdiaWz2SI3huXDy0tqn%2BOL8B0lZU25"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:18 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-ZDQ5NTYzOWEtOTI4Mi00YTQ4LWEyODYtOTcwMzNiNjAxNGY4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc48bc0d66db-AMS
server: cloudflare

GET
H3 200 privilege-escalation Show response
book.hacktricks.xyz/linux-hardening/ 5 KB
3 KB 57ms
57ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/linux-hardening/privilege-escalation?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20715e74e92640dd148523f4afa0f0a36b5455c00a78ef1afba9c06f7abf3551

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-ZjY2ZTBjYjQtZGEyNi00MWI3LTgyYWQtOWFiNjVhNjFhM2Vm' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Afkchmew3koUZ9SzrSBwf6PtRia0Niha8sXJ%2Fy1jFe6kB67o2%2FjdREyrpF5IlThenRhBU6HR6%2F8jehf6m2K7vsNKi2kEJhRUDdhZbok%2FBOFEyfS%2B4NbO%2FcIOjjbndC9uIC%2BSN1MVCZ75ydTvHR97"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:18 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-ZjY2ZTBjYjQtZGEyNi00MWI3LTgyYWQtOWFiNjVhNjFhM2Vm' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc48bc0e66db-AMS
server: cloudflare

GET
H3 200 useful-linux-commands Show response
book.hacktricks.xyz/linux-hardening/ 5 KB
3 KB 50ms
50ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/linux-hardening/useful-linux-commands?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a93a95257aafc93d6bc2ce9e2643613efb22287b09d9a4fb48d12bfd6c9a7f78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MWQ5NjQ1NGMtNWM4Ni00N2I3LWIzZjktOTA5OTg5MGJiM2U2' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2DpGmyWn2EP06WMfLV%2BOVX05uYjfXyvkkecuPxw5sPLSTgS2r26R4Fl0dmywCXjqbvsJxa1x3kvTKDgOhAJyXXXM2a85Z6HL%2BHUnIYWIBVFQc%2B6zOZJD0wNO1PSfYrgIBPUtzznVwTW%2BWNoC7xFn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:18 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MWQ5NjQ1NGMtNWM4Ni00N2I3LWIzZjktOTA5OTg5MGJiM2U2' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc48cc0f66db-AMS
server: cloudflare

GET
H3 200 bypass-bash-restrictions Show response
book.hacktricks.xyz/linux-hardening/ 5 KB
3 KB 50ms
50ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/linux-hardening/bypass-bash-restrictions?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e89790c3abe186bd8567aa1d8501f1a07f443454729947d28526cb6aaa1ab7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NTcwMmY3OWUtYTg4Ny00NDFhLTk2MjMtYTJkM2M1OGJkN2Yx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSnAdh7lWy3HYdrq8Ui3r7oz5vAbFwaR8a%2Ftd%2Fk2gTHCJ1VCwVaMwPmO3HbbZy1T0AWui73SuUMeGVLMhWsBWCQnp7IugFPBz9Ugf%2FmBzINPvWX8uFfxltT%2FZvDLD5DPisGkpdhFzDd0fTVSD3IA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:18 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NTcwMmY3OWUtYTg4Ny00NDFhLTk2MjMtYTJkM2M1OGJkN2Yx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc48ec5666db-AMS
server: cloudflare

GET
H3 200 linux-environment-variables Show response
book.hacktricks.xyz/linux-hardening/ 5 KB
3 KB 67ms
67ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/linux-hardening/linux-environment-variables?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

603ed5f8a7e566e3af01cdd5010dd5c7e55301f390ee5c738c1a3618716a6274

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NTRmYTMwN2QtZDM5OC00MjBkLWI2NTAtNGMxYjNkZWIyYzc0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jAw75Hgt8VnmrwfViPyuI5j3CJJuVdYXvONR7c5tBHBqzi%2Fqsw6TS6UAw0Tak12v0%2FWK13snnv%2FtpuFMMzsaO87gr19XnBfzLMuzFIVs96VecMgarda0%2FkTL6EiF%2FWn35GmTxbPDanxyK7iUq21h"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:19 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NTRmYTMwN2QtZDM5OC00MjBkLWI2NTAtNGMxYjNkZWIyYzc0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc491c8c66db-AMS
server: cloudflare

GET
H3 200 linux-post-exploitation Show response
book.hacktricks.xyz/linux-hardening/ 5 KB
3 KB 48ms
48ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/linux-hardening/linux-post-exploitation?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d268957172dae19a9d1a09ace4588135bc9e0b0104464910613b5a9714a41498

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NTEzODBhMjQtYzRlMC00MmRlLTllNjEtNWM2ZmUzMTc3ZDQ3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhlifoBQB%2Fw9J4sFLP0tuKDqgsc2pp7o3iOudThUzCF%2Bh5decexFTvz6VvxgYPmkqtkrPqrzopcgRPepwxXTe0932wWm39Xo2o6Z%2FlibCVS%2FGVOzxKbhXKNZG%2BMqvTM%2F1noeVp8JJpTg1t0JBbau"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:19 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NTEzODBhMjQtYzRlMC00MmRlLTllNjEtNWM2ZmUzMTc3ZDQ3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc491c8f66db-AMS
server: cloudflare

GET
H3 200 freeipa-pentesting Show response
book.hacktricks.xyz/linux-hardening/ 5 KB
3 KB 46ms
46ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/linux-hardening/freeipa-pentesting?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cee5363aac568e34acfcf4cb4f41d958f05ee6cb9db3278037321d04a2ec2fff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NTczZjEzYjItNjg5ZC00YmJmLTk4YmQtZTA1NzY4ODRiZmFk' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqjdWrdTJ2tI5unhWEbTqI8uRMhVUcyq0lFr%2BFoBhxQChAvNzV3Hu8NAYxn6%2BNFQjMoxm9aIqQc7guio2aF4tJ7B93UlzEn3P%2BQszisxpWegCnwOKf3ctFYChE%2FjuHQAXGTI9oo%2BZSbbi8CI4Fkb"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:19 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NTczZjEzYjItNjg5ZC00YmJmLTk4YmQtZTA1NzY4ODRiZmFk' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc491c9866db-AMS
server: cloudflare

GET
H3 200 macos-security-and-privilege-escalation Show response
book.hacktricks.xyz/macos-hardening/ 5 KB
3 KB 75ms
74ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/macos-hardening/macos-security-and-privilege-escalation?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

089ffd01b4853d6163327b197cc641b21b3d440b0a415320e250b1a5580b85d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-YTE4NTNkNzMtMTRhMy00YWNjLTkyNGEtMjRkZjhlMTZkYzRh' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5gq798m%2B%2BQcVfehTwpnal1exq7y%2FoOX1WBFxvVfGt%2BJuPIpLPpg%2FUfqnNEo8LOXsV5bIP6%2F11BfjYLoduKPHHB2p0Hzi8pJuIccFyGRrbrOoKoWoV538fVXFxQcLQLqh%2BTx3%2FLRy6mAG6Wt8TAq"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:19 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-YTE4NTNkNzMtMTRhMy00YWNjLTkyNGEtMjRkZjhlMTZkYzRh' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc492ca666db-AMS
server: cloudflare

GET
H3 200 macos-red-teaming Show response
book.hacktricks.xyz/macos-hardening/ 5 KB
3 KB 59ms
59ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/macos-hardening/macos-red-teaming?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da5ab61a0e6318087889c532c395774fa2fdf60f975221360ee3b4772634758e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MTdlNzI1YjctOWM1Yi00NDYzLWI1MzUtMTA4NzllYzc4ODgx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FKDGcpr%2FN6v9eLz%2BisHi46rCVEpFsQupjxmRnT1ZUDu9Y7RrBnLbSA1vpaNJK%2FylznXfXw7lp8jvhkRs7FZtz01UVPsJqcCS%2Fu6EjAsagfmUu9t8qH8sO1FNDnUTWMu3Q0n3%2BRvBIkYQ70t2Dy5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:19 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MTdlNzI1YjctOWM1Yi00NDYzLWI1MzUtMTA4NzllYzc4ODgx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc493cb266db-AMS
server: cloudflare

GET
H3 200 macos-useful-commands Show response
book.hacktricks.xyz/macos-hardening/ 5 KB
3 KB 65ms
65ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/macos-hardening/macos-useful-commands?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f261aeaf25e0dffc760ecd5e213c320d92379b876c03fb2b192025831e4121

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MjZiYTcyODMtYTYzYi00ODNlLWE0NDktNGFjMmQ0NDEwZjMx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5a6%2FPnsj2L%2B65i1LVuZYJXX446Npyqjz2tO70%2F9SLYmut5%2BWTbFeFDaKvK9lqBJxx9gASKnNc4wSK3m6lN3QxrI2Hx9%2Fi1yPU26iCWZtAbZXwLtPBIuVSApqsU29%2FLiRWS%2F58e%2B1b97ip49UGwss"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:19 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MjZiYTcyODMtYTYzYi00ODNlLWE0NDktNGFjMmQ0NDEwZjMx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc496d2b66db-AMS
server: cloudflare

GET
H3 200 ntlm Show response
book.hacktricks.xyz/windows-hardening/ 5 KB
3 KB 65ms
64ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/windows-hardening/ntlm?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac5c926867d3862fdb65d15c5a13fb8384e19b5f63b071028f1d5ae2583c7ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-YWIzNThiMjEtMTI3My00ZTU0LTg0MzctY2Q2MjAyYzBkNzk2' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRy71XhV56V33PCzR%2BmP2lBeGgmrQFJ3i5%2BToJYm9KuZwAmOKyuEFWVWUymVARoJbJb%2BiCdmiuCmMX6N7giUkKh85OtK88pwoQyLh9n%2FgwVK1ll%2BmKavf98TT9v2vhuLNqgByIewEAizgDbZYin1"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:20 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-YWIzNThiMjEtMTI3My00ZTU0LTg0MzctY2Q2MjAyYzBkNzk2' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc496d3666db-AMS
server: cloudflare

GET
H3 200 lateral-movement Show response
book.hacktricks.xyz/windows-hardening/ 5 KB
3 KB 48ms
48ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/windows-hardening/lateral-movement?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baecf51bcc345638f89f956ca5d3cfd64ada9ae69f9a9313aae81c76680ed4fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NjQ2MDZiMzYtOGI2Ny00OTZjLTg3ZTktMTcyMzI4MWYxMTg5' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 48486
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hdHjueJcqucnVUb%2FhTOSyTc7pdTkkV9ucBBU8RKKIyVksGMdlP3gZJI5%2Bz0uc9PmMaYHnnnscfILBB8oCLYABKJ2vCN%2B8V4SWxOiRvh5xovNrGrJnR%2BOOJsB%2FAdV85MtLW1yjiAn%2FmbOCE2eKPlz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 18:53:00 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NjQ2MDZiMzYtOGI2Ny00OTZjLTg3ZTktMTcyMzI4MWYxMTg5' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc498d5966db-AMS
server: cloudflare

GET
H3 200 stealing-credentials Show response
book.hacktricks.xyz/windows-hardening/ 5 KB
3 KB 47ms
47ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/windows-hardening/stealing-credentials?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83fd8cbba95893eb234808d36c7306d75cff973cfe2a79aef2a4928c83ec8e59

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-YjVlM2YyZDgtYjg4ZC00M2Q5LTg2M2QtZWJlODU3NTFhN2U3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 48485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSA61TPlJ8X%2BCkolM06Q%2BdgpX3bcUWWPR%2BNIgkxVCjXU2RMJrekju%2B1qKe2%2BYMrma0nQcyC%2FgcCEAA2HFpDgdjqBA6UqwltsqgTai1ouXz2BDHefr%2BUzLXWNihK9QsHY0aG%2F1rOxuEsbjcGeTNI%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 18:53:01 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-YjVlM2YyZDgtYjg4ZC00M2Q5LTg2M2QtZWJlODU3NTFhN2U3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc499d6a66db-AMS
server: cloudflare

GET
H3 200 basic-cmd-for-pentesters Show response
book.hacktricks.xyz/windows-hardening/ 5 KB
3 KB 59ms
58ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/windows-hardening/basic-cmd-for-pentesters?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df06b83215eadb46e642966aaafaf2ec26ee899aa3aacf56aceeaefca5492b6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NTRhMjVhNTEtODQzZC00MzFlLTk4MTQtOWMyMTUxNzVmNWEw' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 48486
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fi5%2BHB4wPasljZIQWUaYBPfL4DqkDJtaybvutDiKDfcHEF5Sg8w7uPoUe7d%2FJ76gh%2BXGhEgoa47wLooVfAw92DeE2Y%2FOYGYeoEtOcfDKP38fZ4Zw8DxaVsH6Hfu9jUX1%2FYuqUTkNbHR%2FaWA22E1b"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 18:53:00 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NTRhMjVhNTEtODQzZC00MzFlLTk4MTQtOWMyMTUxNzVmNWEw' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc49ad7566db-AMS
server: cloudflare

GET
H3 200 basic-powershell-for-pentesters Show response
book.hacktricks.xyz/windows-hardening/ 5 KB
3 KB 82ms
82ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/windows-hardening/basic-powershell-for-pentesters?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0361d21e76d2e91567b169dfceff8e0b9974b99178c93fb7de9f7a91b16ea4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-YWY1YjFmYWEtMTk2Yi00ZTcxLWFhNDQtYjI0NzYxN2M2MmUy' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 48486
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yl4f1Txxav9cNyzDwMn6FGBZU2VnBhzgnTGE5BUPx9zzGpANr5hp6O%2FSjfkC4XR2ywHwIc4qnLOezM9luhcqtJ4XK5doDRkHu9QzbNpzgtLKqxaRrcNVIKDzNN9UFn39UkniXHGBsjavwaJVIgzX"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 18:53:00 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-YWY1YjFmYWEtMTk2Yi00ZTcxLWFhNDQtYjI0NzYxN2M2MmUy' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc49dd9666db-AMS
server: cloudflare

GET
H3 200 android-checklist Show response
book.hacktricks.xyz/mobile-pentesting/ 5 KB
3 KB 46ms
45ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/mobile-pentesting/android-checklist?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f113faca41d5691e231ee04f34d53fb11d8d89c91ea6a336b41eb21d2c7c43

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NWRjMjg4NzktYjNjZC00ZjcxLTg0NjEtMzFkNTRhZmE3NGEz' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 48485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pclkaeFL1B3jNhwoosH7gFC542sGBk%2Bc8QwQltQlXGVT6Ii8W3izF9yFhZ6qHpfu%2FlwvD5YNAVIRBPrg%2ByOXkynBmByyBZjLzlnyJBdPMiZRDKrQ39%2BBLlEfb0SXHQRaN6Y%2BFLSl95xcIft3hjas"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 18:53:01 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NWRjMjg4NzktYjNjZC00ZjcxLTg0NjEtMzFkNTRhZmE3NGEz' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc49dd9866db-AMS
server: cloudflare

GET
H3 200 android-app-pentesting Show response
book.hacktricks.xyz/mobile-pentesting/ 5 KB
3 KB 67ms
67ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/mobile-pentesting/android-app-pentesting?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bca7736b1f4e9b4d26394525b9e5144dabc8be1de3effd0e91e2c0b53f7e874

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-OTRlMjRmYWQtOGIwMS00MjM4LThlZmQtMmQwY2ZjMjFhNTVi' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 3644
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bNzOBS%2BvWTS3EqfBKLq%2Bm7n60PHXUyCtzyKzJLeWevfv4YonG9l4hfSyQmzlJH5NWUoti%2BLSOoTIW%2BxAHqIH%2BMnkeVwjMLFsCqpH1q8C4x3R%2F4iW3F9AgS7t%2BfXVYtXEd7f3sKJmdDSlLzL4G8ZP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 07:20:22 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-OTRlMjRmYWQtOGIwMS00MjM4LThlZmQtMmQwY2ZjMjFhNTVi' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc49dd9a66db-AMS
server: cloudflare

GET
H3 200 ios-pentesting-checklist Show response
book.hacktricks.xyz/mobile-pentesting/ 5 KB
3 KB 42ms
42ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/mobile-pentesting/ios-pentesting-checklist?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32db2e9512d58c60881df7750d5d704f3f8e372d9ea9ef65defb50d1ee5afae1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-OTIxNjAyMDktM2IzNy00NjdiLThkZjItZmQxMjI0ZDY3MTFi' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 48485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2BuUH4JeY25AKGv2IayhSf%2FUEP9aVxnIkjeU%2BDiNQ0zGqQYShj%2BcRFeF5G2yVYfjz5CM6wUnvwHVy6zKDI0Ou1ntpkxUqa9O4itHFIGEnhSEHSTEFshjX%2BDpRZ%2B6vebGHn3kckfEdIezPeoRwnk3"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 18:53:01 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-OTIxNjAyMDktM2IzNy00NjdiLThkZjItZmQxMjI0ZDY3MTFi' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc49eda966db-AMS
server: cloudflare

GET
H3 200 ios-pentesting Show response
book.hacktricks.xyz/mobile-pentesting/ 5 KB
3 KB 44ms
44ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/mobile-pentesting/ios-pentesting?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9693ad8263536c42e0394d906e1d78934a28033e88fefb2a517dcda41228a5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-YWI1MzU5OTktMGQzNi00YTA3LTg1YmMtMjg3NzcxZDVmOTI1' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 48485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VC7av8IDO4%2Bb1dFR3dZgqrZV%2FEBA%2BNdPOZzioaKwZPm1IO0RwQqhG5VqBdpel%2FKm7m6KDOmCIs3zRZKfN9DpoLAg7mMOuCYlj%2FdHE%2Fg9LAL80DDB%2BkeQMUOlioPqBTroTguNGWOlqy4Gi8NhoCIh"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 18:53:01 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-YWI1MzU5OTktMGQzNi00YTA3LTg1YmMtMjg3NzcxZDVmOTI1' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4a0dbf66db-AMS
server: cloudflare

GET
H3 200 cordova-apps Show response
book.hacktricks.xyz/mobile-pentesting/ 5 KB
3 KB 48ms
48ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/mobile-pentesting/cordova-apps?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a687acfb6b6ec7eddd0c55e11cc6630f1508d882acdc036bb1fedb6f6e6a12b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-ZGQ1YjNmNTAtMjYxMC00MTJjLWI2MDEtMjkyNzY2MjAzNTYx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 48485
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Fu1W3ZqCC%2Fvsu5dIEH%2FF4xa7l0uKkuUfPWGGWJoLhBOKQlaviUKslS2E0%2B58VZRP%2FzB4m13D4QXvmpy1ngSvDcf86xIFvQpX402cavdzgJfmMXosSCii5WqCIMeLtUa2ecE59v%2ByaXRCg%2FIIr7p"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 18:53:01 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-ZGQ1YjNmNTAtMjYxMC00MTJjLWI2MDEtMjkyNzY2MjAzNTYx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4a1dd466db-AMS
server: cloudflare

GET
H3 200 xamarin-apps Show response
book.hacktricks.xyz/mobile-pentesting/ 5 KB
3 KB 54ms
54ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/mobile-pentesting/xamarin-apps?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7027d2a7b3a9549393075f1a53753d87f72683b51092e2779c7f08a11e8c940

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-OWRiNjA1MjUtMWZmMS00M2ZkLTkxOTUtMGU4MmZiMmI4Mjll' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 48484
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUhnhgX6npie1GmIoU6LifVannjPWvCen5%2F%2Bk6EUbJOvHUWXRh4H4yUXp4CcAyX%2Bz6fNLF0CvYcGdEZqUQZ21uQRndf7WlI58NE8xaEJraI2wZiZzmoJaxLM4nJDP0kSrMAlYbNn5%2Bcdj669nUzu"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 18:53:02 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-OWRiNjA1MjUtMWZmMS00M2ZkLTkxOTUtMGU4MmZiMmI4Mjll' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4a2de966db-AMS
server: cloudflare

GET
H3 200 pentesting-jdwp-java-debug-wire-protocol Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 43ms
43ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-jdwp-java-debug-wire-protocol?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71bcac653e958ed461e11237f293ea4055d0977e9e3781620c5e68d5239383f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-ODlkM2I5MDQtNmNhYi00NWE2LWFkYWEtOTAyZWMzNzU4YWZm' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 44309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cCVasvFRsCvyQK1%2FZccj3wP0uzx7z42Owqcd0nxOwwm%2F8ukErza88s9edYLclOE90bXOH12Q%2F8p3ex%2B5jcZ2efghWmJdlYBFq17B2%2BGOYHIthqXLi6VWEcyMI%2Fj1wGuZh%2FaN7bXMiUDpLl6I2yyB"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:02:37 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-ODlkM2I5MDQtNmNhYi00NWE2LWFkYWEtOTAyZWMzNzU4YWZm' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4a4dff66db-AMS
server: cloudflare

GET
H3 200 pentesting-sap Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 50ms
49ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-sap?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

411e640935cdeeaed8b5659a5be3029facb6a5e2aa1c2a7780899e50e40dac6e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-ZWNiYTgyNWUtZmFjZi00YzVkLTgwNGQtMTI5YmFiMDg2MzI4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 44308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tfrLlo3rMy1rKqQcIoz7kaAsQmP%2BKU%2BfaHKgDrMyCnXIyfIlmILjS%2BdESngfKSn0e7vtnHEHSQhEDBbDokghQS5RUmwiaIc8yghdFklDBLk18om8irstHo%2BDWlHQZVYoeO1LPlIBDA2PzElmnVep"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:02:38 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-ZWNiYTgyNWUtZmFjZi00YzVkLTgwNGQtMTI5YmFiMDg2MzI4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4a5e0b66db-AMS
server: cloudflare

GET
H3 200 collections%2FmuMguNrsRx2mNyNqEox4%2Ficon%2F1qCJ0VIDlWcvGSecYCDq%2Ffondo.png
2783428383-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/ 4 KB
5 KB 51ms
51ms Other
image/webp 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2783428383-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/collections%2FmuMguNrsRx2mNyNqEox4%2Ficon%2F1qCJ0VIDlWcvGSecYCDq%2Ffondo.png?alt=media&token=1e721267-450f-43f3-861b-6c4f93278e93

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

e50e23ef344a9a377dcd838d39f2469c519af1f67b2bd98bc3e376d60a643da3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-goog-hash: crc32c=VcRWXw==, md5=Df3KaftmiCktZOpWXvR1Cg==
cf-cache-status: HIT
etag: "0dfdca69fb6688292d64ea565ef4750a"
age: 698253
x-content-type-options: nosniff
x-goog-meta-height: 302
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-type: image/webp
content-disposition: inline; filename="collections%2FmuMguNrsRx2mNyNqEox4%2Ficon%2F1qCJ0VIDlWcvGSecYCDq%2Ffondo.webp"
last-modified: Tue, 30 May 2023 19:34:17 GMT
x-guploader-uploadid: AFiumC5-BjeavSvnaUsiUZ4X9YuhPmYPfxvINC5omEP5qe9tkK41dB7xzJBrGQ5KFnN-FxJM_is
priority: u=1,i
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
x-goog-generation: 1685475257946198
content-length: 4388
x-powered-by: GitBook
server: cloudflare
x-goog-metageneration: 1
cf-bgj: imgq:100,h2pri
x-goog-stored-content-encoding: identity
expires: Thu, 28 Nov 2024 07:23:33 GMT
cf-polished: origFmt=png, origSize=11048
x-goog-stored-content-length: 11048
date: Fri, 06 Dec 2024 08:21:06 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.987;
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: 1e721267-450f-43f3-861b-6c4f93278e93
x-goog-meta-width: 300
cf-ray: 8edadc4a5badf5ef-AMS
access-control-allow-origin: *

GET
H3 200 pentesting-voip Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 59ms
59ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-voip?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

561827433717f7a1f38f221ff17cdb17f6dc9a92c7e0c9adb26c2b06facf519a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NjYyMjAwMTMtOTExMy00NzU4LTg4YTktNTE3ODZmODA2YjRm' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 42283
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkWEBQg0Dp%2FpOKpujEAt8e8MwmjM0JBjFWxbVmhL5B7WWnaj2lQtsemECilaDtboOmb0UucKwmpxqenT2wEDH%2FsCFicmwRXSUjRGnmTId4n9ZXI1DNP8UuLBU82tM%2Baau7mH9BZJ5UXKJpHe8XUY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:36:23 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NjYyMjAwMTMtOTExMy00NzU4LTg4YTktNTE3ODZmODA2YjRm' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4a5e0d66db-AMS
server: cloudflare

GET
H3 200 pentesting-remote-gdbserver Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 57ms
57ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-remote-gdbserver?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44c156a7a46a38c54a15ddde7a818e193cedc8773ee2d44585a79e6eec769c0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MmZmZWViYTMtMTNkNS00M2I5LTk3MzUtYWQ2MjBkMTRlMWYy' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 42280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YlaXW3rx0sDwkLAd2oR%2FICGL72WcsnIqi90Az7x7JeGKKTbtHr5euJs%2BF%2FbV6zqT8TqT1iDAuAmBAl6gJfwwK5U8Q5qDyVBaijxfLRqLukc14SjzCzOm%2BWq1hQg8XiZ%2F67fQeOMmYgwAKm52Ms3"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:36:26 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MmZmZWViYTMtMTNkNS00M2I5LTk3MzUtYWQ2MjBkMTRlMWYy' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4a6e2866db-AMS
server: cloudflare

GET
H3 200 7-tcp-udp-pentesting-echo Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 61ms
61ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/7-tcp-udp-pentesting-echo?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85c93a7a4761d3ef9eb6e9ce388078e14d3707091bf68a6079baff8fb5819693

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MmY5MmIwNjktYzZmMC00Zjk1LWJkYjUtNjE1NTFjZWEwYmM4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 42280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1cHPJQHFXXGR19CIuVZb7YFMEbWnS6Fay00HOn%2Bg6CtS6o3SNdiyYmPzDu2CPuzSzd8rolItHQc534BmLAQhAqCodwXtkJn%2BrPsNmW2F1CoPklvWoi2LW%2FJcL6WLdQE4Js382eEgMfYsm5%2BVLTv"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:36:26 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MmY5MmIwNjktYzZmMC00Zjk1LWJkYjUtNjE1NTFjZWEwYmM4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4a8e4b66db-AMS
server: cloudflare

GET
H3 200 pentesting-ftp Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 48ms
48ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-ftp?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

332bd2f87562c40a6e6e58546567edcc81bdfd27b67a5e49fbe2ef0b9c2271ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-OTk4ZWYxYmItNmIyMy00ZWJjLThlM2ItYzQxYmVkZDM4MjI0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 42280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aQGMWEQxOor%2BKwyGZ0N%2Fh81hHc5YQtgDaG%2F%2B8poTLDx%2BpTE9MfsphKCxW5EcPW0uYb%2F1sySGzKh6Fux7TtvcKlMR7D%2BXWZVmBwBd2MG6rCgLKfZG77OUz9Iz8z%2FD1dw14bCV2aSMj7ZCFyMKhHtd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:36:26 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-OTk4ZWYxYmItNmIyMy00ZWJjLThlM2ItYzQxYmVkZDM4MjI0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4a8e5566db-AMS
server: cloudflare

GET
H3 200 pentesting-ssh Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 46ms
46ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-ssh?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4004da2aa580e8470b304b63996e9d88f61df33db46ebaef41716b9aa2fd4d86

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-ZTAzMGFhYjEtYmMxMy00MDg0LWEwNTctYjQyOTk3ZDVmNWU1' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 44308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=do9tZGUYTY1DYKNwAc7lY5gv3cK%2BKNTq5XWcBSfOaX4Jxz%2FEZqY1lnZVX8nv8DH0oVwkZFw1Q2j7HHU7TepQosZccMVyfhehx26vGHbLtXuygaoPyYmxJ8YRb4sgJJH1HbhzsL%2FKPrfo5Gl255j7"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:02:38 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-ZTAzMGFhYjEtYmMxMy00MDg0LWEwNTctYjQyOTk3ZDVmNWU1' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4aae6866db-AMS
server: cloudflare

GET
H3 200 pentesting-telnet Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 48ms
48ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-telnet?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42fe648d1929690902ee553e429cb0633a9d76773b2f6cab8a7a8be37da3d704

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-OWE0YWQ2ODctMmExMS00ZTRmLWI2OTgtNmE0ZjNlODlmYzkx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 42280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jEJuO45NWOhUjnCCN3M7qVv1xj84GDHlN2I%2FDrPFXUyyBPFndezau1YZjg%2FP9B4ba0GS%2BA4LbZD%2F0B87n4R60xVUm7du6rtih0Fbp6HFSlNpsTjP2RArgD89af0e8hwj0DGDFoPRYPEPFioCBfm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:36:26 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-OWE0YWQ2ODctMmExMS00ZTRmLWI2OTgtNmE0ZjNlODlmYzkx' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4abe7966db-AMS
server: cloudflare

GET
H3 200 pentesting-smtp Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 60ms
60ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-smtp?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dce9a0b1385b0e644a4d36e14d542dfd63cc12e375126f4ac1a767079952160

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-YzMwMTJiM2ItMGUxYy00YjY1LWI3ZTAtMWM0Y2FmZjhlN2E1' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 44307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANWxHXG9d0fDselQ1D3G77DFA0fhQrxicLA3p27oONfIvkigMBrp1A6Y9kXo5IENx1crR7uGIYRvnwk9Fc1P8PUZ%2BsBCNjwHi2k151TXVlVZUmJPIEpn4dSJE85JAdrkRQ05SWxCv4FfQWHQUvd3"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:02:39 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-YzMwMTJiM2ItMGUxYy00YjY1LWI3ZTAtMWM0Y2FmZjhlN2E1' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4ace8966db-AMS
server: cloudflare

GET
H3 200 43-pentesting-whois Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 50ms
50ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/43-pentesting-whois?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b95770336e7351fddbe909729fe3a08274c0dcd6fb0d6ef7302aeda48594e945

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-NDhmNzU0NzktMzIxYy00YWExLWEyOWItYTRhNmEwN2ZmZDBk' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 44308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgNRzQkUMdaM975ZI7aUOv%2Br88gtTy8%2FAEiUnVGf4eVMJWcQ29%2F399cNzt8r4xMFrl1dWT1t3zAnhe%2F0CxCkj5oqulLvO37Ai5W7oVoI6HXLimk7dNCXUxWmo7pCvL7UMGLCQ4GJBS%2BJ%2FYO2f4IK"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:02:38 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-NDhmNzU0NzktMzIxYy00YWExLWEyOWItYTRhNmEwN2ZmZDBk' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4adea066db-AMS
server: cloudflare

GET
H3 200 49-pentesting-tacacs+ Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 42ms
42ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/49-pentesting-tacacs+?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97fd796ef4a560f2d471893e2619841689639839285f66cee40054cfe0711f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-OTM0MTM0MTgtNzUzYy00MzY1LWFmNGQtMjM2ZGU1OWU4ZmQz' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 44308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BwFB8VVc1SMHfyFgXitFJs0igSf74fsZ0jP61LU14%2F2WhxiDIlMuFXPEW9kxCGKThX%2BYlW7B1lJtaVdtqDPkbjYsAonFrYDgOAaODdf9aVKMECBglJ4GCG%2BQpalCI%2FmySo8etSYwUZDuhZWSnoUv"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Thu, 05 Dec 2024 20:02:38 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-OTM0MTM0MTgtNzUzYy00MzY1LWFmNGQtMjM2ZGU1OWU4ZmQz' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4aeea966db-AMS
server: cloudflare

GET
H3 200 pentesting-dns Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 47ms
47ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-dns?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2f70a72f322fa8c6f7b8887daa0c608af81f2865b04c973263b9fbdbb8c21a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-Y2Q5ODhkMzUtNDM4Ni00OTMxLTgxZDktZDAyNWE2YzM2Yjhl' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 15146
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPffGQJSp%2BwH9EJDTRFFUPwu5qNYZlaQN0gJ%2BxCniAWwCThtuDxLFxAWNaaCWNSTjznp%2FroSI%2B%2BYWE8ViKkXb455fSDQCyl6s72BpYs8M4mYYMwxkHLRIHPa3wY%2BztnJONyCZSORjUC5sePa7J2b"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 04:08:40 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-Y2Q5ODhkMzUtNDM4Ni00OTMxLTgxZDktZDAyNWE2YzM2Yjhl' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4afeb366db-AMS
server: cloudflare

GET
H3 200 69-udp-tftp Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 43ms
42ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/69-udp-tftp?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

767fd2d28982540439616ff2cd2c3b6490f6c9f38b33c6035fd69529f6d33a77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MTMwOTlhZWQtZDZiNy00YTA5LWI2N2EtMjQ2NmIwNmVmYTg0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 15146
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vtQTRioSfNU5A2ZtCDN5SZ1hZYuQm0OB9ZYZvVvL71vxN6jSdTV7WAmF31azhQ5J48%2BcAcruNnHSR1KedFQ3uw9N%2FePSNDgLAIaJ6QNurG%2Fpb9D8jWaaEEMDTGzwNBE4U%2BazFNna6nmj6AslPqAF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 04:08:40 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MTMwOTlhZWQtZDZiNy00YTA5LWI2N2EtMjQ2NmIwNmVmYTg0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4b0ec466db-AMS
server: cloudflare

GET
H3 200 pentesting-finger Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 60ms
60ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-finger?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f91da05970a88c68932e7b6142bdf5420675c1a3c077f52a5a72cbd11250a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-MTI0NjRhMzgtMGZiYi00YzdhLTk3ZGQtMWJiYzU0ZWJhNWE0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 15146
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wninc%2BGR9%2FTA7svIOk80oywXOGs%2FVBxHmDXTTobYcR9h2ZrHezbncD%2BBQKNUMdsI0STxRfAc2f9yIagWB%2F5SKZ5wyt%2B6El%2B3ME0AjabAO0k10ccWEqoTTWwCirc2HBLPX8bTVy4F%2BBzxX553%2Fq%2B3"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 04:08:40 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-MTI0NjRhMzgtMGZiYi00YzdhLTk3ZGQtMWJiYzU0ZWJhNWE0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4b2ede66db-AMS
server: cloudflare

GET
H3 200 pentesting-web Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 42ms
42ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-web?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a61f4801d218306721b0b9314ebcd7eab57d2ea24dc8c9b56f176bcc4ed7dfe0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-YTkyMmI2YzEtYzNjZC00NGZkLWI5M2QtMWJkMmYzYjVjMTc4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 15146
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3elBPCvDLjQa%2BVb9cygpaeS3lQ37VRU9JJHqRLcynFfxXjQkvNbcWNQ4a7hoMicQfV5EuZpXMiQbczRsaD2i4mjneMHn%2B5w0Z7z6JABtb6%2FkZKznHXBFybb%2B%2FZ4dzv6f3FY6ZcsshnKXuN8uYdC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 04:08:40 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-YTkyMmI2YzEtYzNjZC00NGZkLWI5M2QtMWJkMmYzYjVjMTc4' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4b2edf66db-AMS
server: cloudflare

GET
H3 200 pentesting-kerberos-88 Show response
book.hacktricks.xyz/network-services-pentesting/ 5 KB
3 KB 61ms
61ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://book.hacktricks.xyz/network-services-pentesting/pentesting-kerberos-88?_rsc=18wpo

Requested by

Host: book.hacktricks.xyz
URL: https://book.hacktricks.xyz/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d966a88cda9d7f02bcb63f0e76849e1d9da24f940f280bda5020f8301dabc23

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-ZjMyMmI4NjItODI1Ni00Y2JmLTk4OWItMjBjY2QwM2RlYjQ5' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass
Next-Url: /windows-hardening/av-bypass
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22windows-hardening%2Fav-bypass%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22windows-hardening%5C%22%2C%5C%22av-bypass%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fwindows-hardening%2Fav-bypass%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oy0NymHRj27ifZrI1lPQ0PYRKeX1y2QOF8xyEoy8Y1h5p9ZFjhfdm%2BO3O33aMRf8aXf2eIV61ojgFVO08OjailYpKOQ%2F2fQpJOfDAYfmJLvvoWUZxzVJ79%2F0Dd1gMeDfReQKeEJrCWzEijV1N5ud"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 06 Dec 2024 08:14:21 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
priority: u=1,i
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.987,site:site_ysCdm
content-security-policy: default-src 'self'; script-src 'nonce-ZjMyMmI4NjItODI1Ni00Y2JmLTk4OWItMjBjY2QwM2RlYjQ5' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 1005ee5
referrer-policy: no-referrer-when-downgrade
cf-ray: 8edadc4b3ee566db-AMS
server: cloudflare

GET
H3 200 image
book.hacktricks.xyz/~gitbook/ 40 KB
41 KB 49ms
49ms Image
image/jpeg 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.hacktricks.xyz/~gitbook/image?url=https%3A%2F%2Fsrv.buysellads.com%2Fstatic%2F30242%2F75dd292262b51c4fedced0ce4e76293bf16c44b5&width=192&dpr=2&sign=f6b2e4b5&sv=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

805dee46882c3d5a473f5268ec2bb2c77baf4bf0ef85e3de4798c599550fee4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://book.hacktricks.xyz/windows-hardening/av-bypass

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "cfsMEx_tGuMmaxajuD3B95kKFTAHuDk5KNMJm5Hl4NDQ"
age: 259229
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/h q=0 n=15+700 c=0+0 v=2024.10.6 l=41468 f=false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35S1UtvB4F8o3YfCr9jSWTlMYfOGHLNC2TOfa25LWk89nMNC3rCCKH54UGMnEwTjf5DGF%2FZmzW103SvJqNEBA%2BLHBnJrTjBZ9%2BdbnGrQs7bWcVH6KyO5kK6EgsYYfJVAqmKNfdm0xfj0Hsh6RfE%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
warning: cf-images 299 "original is 44459B smaller"
x-matched-path: /~gitbook/image
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Dec 2024 08:21:06 GMT
content-type: image/jpeg
vary: Accept, Accept-Encoding
cf-placement: remote-SJC
priority: u=5,i
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edadc4c0fc466db-AMS
accept-ranges: bytes
content-length: 41468
server: cloudflare

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 742H1APzCf4
.youtube.com/	1970-01-21 05:50:25	Name: VISITOR_INFO1_LIVE Value: 5kbN5S3QDoM
.youtube.com/	1970-01-21 05:50:25	Name: VISITOR_PRIVACY_METADATA Value: CgJOTBIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgLA%3D%3D
.hacktricks.xyz/	1970-01-21 11:07:13	Name: _ga_45K19GNPSL Value: GS1.1.1733473265.1.0.1733473265.60.0.0
.hacktricks.xyz/	1970-01-21 11:07:13	Name: _ga Value: GA1.1.934558745.1733473265
.gitbook.com/	1970-01-21 11:07:13	Name: __session Value: 93dd2895-f6eb-4e97-b323-2ccf75f080d2R
.vimeo.com/	1970-01-21 01:31:15	Name: __cf_bm Value: 9zqgzpNssExERCEH1ufr1FvZiVo7UDjJ0.W2ilvT5yY-1733473266-1.0.1.1-zE071cIG_77Gby147OcUhYC0B_aVqhjHc7YqT6NkfHrPwdDJPZtP7o1ykshkaFwe
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: VWuhimp2dkkp02rA3AYjAnDS8WZSXg0qzdoDBHQyibA-1733473266032-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'nonce-ODg0Y2Y2NGQtMTg4Yi00NGY0LTk1MDUtNDI3YzhjM2EzYzQ0' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

129538173-files.gitbook.io
2783428383-files.gitbook.io
api.gitbook.com
app.gitbook.com
book.hacktricks.xyz
cdn.iframe.ly
integrations.gitbook.com
ka-p.fontawesome.com
region1.analytics.google.com
static.wixstatic.com
stats.g.doubleclick.net
www.google.nl
www.googletagmanager.com
172.64.146.167
172.64.147.209
2001:4860:4802:34::36
2600:9000:2490:7200:e:e47a:54c0:93a1
2600:9000:2490:ce00:e:e47a:54c0:93a1
2600:9000:2644:ae00:1e:5c56:d400:93a1
2606:4700:4400::ac40:93bc
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:400c:c06::9c
0007dacb56b8759bd82e3b92c7f6bb666a62e03a1311330d4d0b710f62456d69
089ffd01b4853d6163327b197cc641b21b3d440b0a415320e250b1a5580b85d3
0923585726b1c442b4eea4c6d413f96228a31247249e7693aeea3cd08c6411e0
0a687acfb6b6ec7eddd0c55e11cc6630f1508d882acdc036bb1fedb6f6e6a12b
0b24a7e0e2fd1795284365672d0c35049ceeee516476978d8c688aeb3d2fe634
0bd05e627badab4af4271fb8ff949734a47c02d1321c30f30fab3a4d2eacaac5
0c39457c52d0c8e364b6e85f6216840479aafd3840f5e1ec9e3875c114ce095c
0d227ad1e206549bd4ff147c5fe8be3ae6a0a652d233a1dc9b4913c4a59a6e0b
0d7ca962ff3fe3720a3f2f7693b7179b0d9d9d3f39d3cf21e37e89736f7b6d50
0e288d2f0e045be5d45b6013622071cc4360c40382628dc0b3041cf2f1cfea79
1182ef07bf26e7c978fed77a9afe16522fdec0f111df240648494d4075c21fd2
11aec833519062b2fc6b34b0ead7a12010703a1b922750b21e231d3e51c815da
14438a8fb82a9e8288f05ab19d969a6fd09d43a382b942dd84aab9f6e5979189
1ac231778047ec38b569dbc4a92d213ef180172a8870762e2542c4fd6f460c9a
1e0616b099a8212f4784f1e8fc76d8044c829bcd130c0cfe52dbff32078b4476
20715e74e92640dd148523f4afa0f0a36b5455c00a78ef1afba9c06f7abf3551
25f4b78072b864e10fa420f11ec65288ac46fd785f638fb65a71c3ee16451fa9
292339afa6df803ce7fc3215663b3c22e250c3ee07a8ba221a3f250d66f3c729
2b4fd140e46275980eba9833d549a6bfe6200b34fe9125c333aa94147f4c42a8
2b68bffdbbe1e58d9581c53c4c31de8ce9d6e2d839b7fc11881d9e8558a96efc
2bc2db27d52e7088902d87d48f5cb22e7eb3ad3479c14712c53687994283b923
2d561cf7653209af40270c123455e36d3ff8d41dbec150e10e01f11b61efba02
2d5791c65ca557a203bb77914aeec06c626b01c97890a0e37f5a2fc788708a4a
2d966a88cda9d7f02bcb63f0e76849e1d9da24f940f280bda5020f8301dabc23
32db2e9512d58c60881df7750d5d704f3f8e372d9ea9ef65defb50d1ee5afae1
33274ab10484f765d37aa20e0b2351b078da4e1d4b20c03955b21f2224ed1598
332bd2f87562c40a6e6e58546567edcc81bdfd27b67a5e49fbe2ef0b9c2271ef
3481cf80a982dbe5a22147066f25bbdb9c4a3d2cf18de55f8256eb46a730a35d
358b232d84389a9e0080047ad102d76c30f57281adefe2f27ea2b61ee487dc72
36c0c98c92da8c3ea588630c4c4b2187a2778ca560210bedda966d10c11ed383
3a452edfbaae7af03314d10ec9f219554840b9f0ee3a1d1199feaaaaeb9e05d9
3e6dafce9cdb0024fcb61013365544ac7e68dd9650f02a6a2c661b303cc980ba
3fd85634af321096efb353874247868a2338c72707a1cdb41b687c8ac96ecb5e
4004da2aa580e8470b304b63996e9d88f61df33db46ebaef41716b9aa2fd4d86
411e640935cdeeaed8b5659a5be3029facb6a5e2aa1c2a7780899e50e40dac6e
41f90d66e405853ca80d4d66f4bd8ea768a4a85b600ca29773c1c499b1e17933
42fe648d1929690902ee553e429cb0633a9d76773b2f6cab8a7a8be37da3d704
44c156a7a46a38c54a15ddde7a818e193cedc8773ee2d44585a79e6eec769c0d
4a7b507f13227fba37ac18b882ec236ffea81357e410089486eb370f145249ba
4bca7736b1f4e9b4d26394525b9e5144dabc8be1de3effd0e91e2c0b53f7e874
4bfb02d2bd4718f78dc3b21ef4481b5ffd6f2208b71ddf83329a0a2707e6aa59
4c780179fdc6281a24a03367341c70e2bd004f4f352299aea60d978ba6845253
4ea7e8aa9bf4351ddc47fb1566f1eab2977e697e6ce8aaaa7a273f8c098e81ac
55d3a1993be29f12cba95dcf42d9715efd32b022afcb9e8a42a24cf87e7f038c
561827433717f7a1f38f221ff17cdb17f6dc9a92c7e0c9adb26c2b06facf519a
5978d7f99b9781c89855ea6d0d1ed9125ebf74b774010f8f6b35c1950340cca9
5ba96c861932efc114634bcb1c964628f19c444780ea0ef4a1e1450e276d34df
603ed5f8a7e566e3af01cdd5010dd5c7e55301f390ee5c738c1a3618716a6274
60e52351d2ec23449fee6951d8379dd60ca9bcff29705f08d2cb8ab4457dc351
62b1730ee8253dc36e7c84049dcaadcb9726e812b0fcac3a2e10076ccf841930
62f113faca41d5691e231ee04f34d53fb11d8d89c91ea6a336b41eb21d2c7c43
64891b51805db7030d5a2a4771cf459bfcbe89d694db4afa641dde6fb43dc9ae
64bc2a00d28ef824b977ed1c523138d821eaa4576447153e02de70aacb071147
692d37fc6d63f7da63122fff44e845a353c23b1f3dfcce901f02ba2ecb504b67
6e69b9bc3fe6c8f32aa595be25c5bbcd9b477f93031111faf20f97363cb13116
6e86e1238beedf433b5bbb8589f06907ef13f4344cc544b7e0dcc76735103f9e
6e89790c3abe186bd8567aa1d8501f1a07f443454729947d28526cb6aaa1ab7d
6e8b19acc79b2357936ef1381c0ea3d34a38c8b73d096da65272b8be1ed41043
6f91da05970a88c68932e7b6142bdf5420675c1a3c077f52a5a72cbd11250a4a
71bcac653e958ed461e11237f293ea4055d0977e9e3781620c5e68d5239383f6
7460db3be9028d3324a7cbf0c6064ba017a505236ccd0d8bc01ba1dc7f483858
7466a78dbed3f23e3e077222a760bef941d21c0cd3758d033de04f1c9704be88
767fd2d28982540439616ff2cd2c3b6490f6c9f38b33c6035fd69529f6d33a77
76f9a4c4a0f0510a1241d047d2896d534124d341b8bff27d9321477b7d8ff258
78743bdfad4163c8559ee4f06d646adf79b77eadace2acdfed42c438aedeaf8f
78a9acd24a1ae7800eb6b46e160a1a5201edc54cc00307f20f5eda70b4218e59
78fc197427bdafab7cf6f4fc940507ffc5fc37a61747ac1a029b2a1951736673
7ab2a0562e22f0c92b3178ff3d9ca99c14646df6947a180f3e655305c7249f2c
7db5fb8313e34b49e80138ade8e83e5b68ce0b48eb623f0564ccf657f23c432e
7dce9a0b1385b0e644a4d36e14d542dfd63cc12e375126f4ac1a767079952160
7fff98ad61d96f71a9f7e209394fc556cc9e7ac67aada9e6289faab4acaa9266
805dee46882c3d5a473f5268ec2bb2c77baf4bf0ef85e3de4798c599550fee4d
83fd8cbba95893eb234808d36c7306d75cff973cfe2a79aef2a4928c83ec8e59
85b550a5d99a6956b35ba107f91ef686935e13669df1ba59b880cc462346fa34
85c93a7a4761d3ef9eb6e9ce388078e14d3707091bf68a6079baff8fb5819693
889837f12e5dcbd9198382501c3a45f707fe8719b3e16c3ecc669934f7c71a45
8d4dd2307427b2c3627961d1c2c8ee40de95df9330be03b0c1bbe1d0c23079bf
97c7c5fb089f6dd442b91e0a25ab029dfd7e993f1021f3ec54e79e95a0326f26
99d67773ac3e03b3959e2b8d18d6e68c4515209b0339bde61820362ae05c2976
a22d9b568818486c76a86eb06afa45f9b6ef5ec53b047f95bee47dfe38ac80a2
a2b5edbdd84e821da7830e59580a2581cfd2e2bfb01a197c3e9f919b7859fc0a
a61f4801d218306721b0b9314ebcd7eab57d2ea24dc8c9b56f176bcc4ed7dfe0
a65540109ec1e413cd9314ca8e3d8828fc8ea866765c189664e4b95f78307cc4
a7e028b16aa55b30bda76da681b1a98df68d46bfb08be440f1a6e8e0bd113993
a93a95257aafc93d6bc2ce9e2643613efb22287b09d9a4fb48d12bfd6c9a7f78
a9ace726a07c376e50d23fda2552280cc6ae95f391b1abc378fd00d38802f74c
aa10632845c92b62da88cdd77d4cc5513dbf810f551bafa6363f56bc2912147c
b053c1a8d1743d15e13597718631b7f7d8eb96c7d283d071fbdb8b37e5e05fa7
b59964a7a83ecf1245ab6335e27b9ae9ad14909d8a5149c5be5783f2ba108d4c
b5c1fa2a8114d0a5856d0c0863f0b4fe58afefe99bba193f6fc238e935675058
b7109859cb84e381156d50c08fe6e7c149925a0c940b9e7b98b77947e8dc8c2e
b7ecb43092c85e10d94eaca25de564ee3e8331bd93f194df338b680df1d2ab84
b95770336e7351fddbe909729fe3a08274c0dcd6fb0d6ef7302aeda48594e945
bac769c6de32173f6e139e86e584f930988552bb802820e3630704ef90531f41
baecf51bcc345638f89f956ca5d3cfd64ada9ae69f9a9313aae81c76680ed4fd
bc3e4f939379c5ca1cfd209b44663ee2b0f6b031eac932351b5b8d70cb91abc8
bf2a6a5f8c28ed6ebddf6fa704ad4f21d95c55a140c124b94dd4bf28b736a654
c05420d185aa8ae4447d406de1499907a8f06e842e27096cad4abf01a1b72a20
c2f70a72f322fa8c6f7b8887daa0c608af81f2865b04c973263b9fbdbb8c21a0
c3f6b54c642d999cce1a7eec61cd152e354f992deefaa208a1d04a064c402456
c47136260041fbb099dcaddd4db334aa18c41b42eadd44233eba8707e71c119b
c63c446f7cec55334ce70922d7cea869633b1f7011872ef52dc506477cf5ab93
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
cc5bbba6615e2892bbdbd13779a429f79e5abc580494a9a721f42d8aa6fab8f0
cee5363aac568e34acfcf4cb4f41d958f05ee6cb9db3278037321d04a2ec2fff
d0361d21e76d2e91567b169dfceff8e0b9974b99178c93fb7de9f7a91b16ea4d
d065db3bd8ef83a4536ae49b3b2a45d9cc835d3c6dca0ba10941bd4cb6d58ae1
d268957172dae19a9d1a09ace4588135bc9e0b0104464910613b5a9714a41498
d647cd376c51e1215768ef42fa04ea319b2526cef5067041fb5b132597d4f563
d9693ad8263536c42e0394d906e1d78934a28033e88fefb2a517dcda41228a5f
d9a14f3404b97c1a63d8bd4e76194b51a6f85bc5c4319ba2631ebe5839f2fcc6
da5ab61a0e6318087889c532c395774fa2fdf60f975221360ee3b4772634758e
dceef739a3784e7d962af1e9fa3eab86ba71473ef68044f395f456ea6b24587c
de0891c70111cc5ef2ed46fa0717afcc4822512b144d042a58f87e77267a9e66
df06b83215eadb46e642966aaafaf2ec26ee899aa3aacf56aceeaefca5492b6d
df1c7756b4ff30be65e0e3caa88ed6e493c968cb051d9ef932384814fb9eac90
e2a968d506fbf01e8f273c31d00d8e17d77dda4d1c9c089baa4a049eb9313b9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e447d9655e2799586f3c8d9a0add612f83f5d60588ed56d6a96fe36a37bbf40e
e4a811ea1b7f2b15e2cfcea0409a3f300e559d3098bd4ff19f82a971e5c74068
e4f261aeaf25e0dffc760ecd5e213c320d92379b876c03fb2b192025831e4121
e50e23ef344a9a377dcd838d39f2469c519af1f67b2bd98bc3e376d60a643da3
e5dcc33a6e850f1e0aa992b52864cd3d800cd709deae3c5feccb5d93973fbc11
e7027d2a7b3a9549393075f1a53753d87f72683b51092e2779c7f08a11e8c940
e71c9e7a39ceb8762c63ded70c32e28964a2fe7d8e88ba85e99cf6b7e7714004
e745a051fade69ed0d6a92fe8f0437d646bafe59a91f3c6654b0c4295c1ed91f
eada73c016775094674c94215fd8248667b11479eeff9c2634e9b903cfb28dc9
ec02e991d4ad7462e67fa5b905eec449119330f7021c0b062733050725d8f9c1
ec12eadda8cdc9627f9fcc9b8cca05d754165f881929b778f3ef1657e5ca897c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5a21135eee7aaea6067c49dd95606e4d7cd18da50e4adcb9ba7f27f7be48f4f
f912415e84ceb5a06689f96705479e1392fdcaae7507419c25b4b22a81806184
f97fd796ef4a560f2d471893e2619841689639839285f66cee40054cfe0711f3
fa5ee8e029db3a55be6a13d3d3178d8f6d9d15a400db3a88a6d3db518d622902
fac5c926867d3862fdb65d15c5a13fb8384e19b5f63b071028f1d5ae2583c7ac
fb48f684fd85ea8837d297114961d712749759bdc03b64fbc856a2df3ae900e0
fd0631963b09c6186809d6f2bbee60c36b376b86e4b3229357724830c3f44de4
fe09d72189c330176d84cdb3f3d6cdd472d04a4fa50b7a1d11e513dbaabd30c1
fe489d4c9ac52d1c839a81e3d30ba5a571f3c19e6499194cb6a58ca88db74425
ffb6addbbce17fdb50e13ace30f5ce756e5ca32b4ca911e354b83ef8dcb67822

book.hacktricks.xyz Open in urlscan Pro 172.64.147.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

97 %HTTPS

80 %IPv6

10 Domains

13 Subdomains

10 IPs

3 Countries

8091 kBTransfer

13274 kBSize

8 Cookies

76 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

book.hacktricks.xyz Open in urlscan Pro
172.64.147.209 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

97 %
HTTPS

80 %
IPv6

10
Domains

13
Subdomains

10
IPs

3
Countries

8091 kB
Transfer

13274 kB
Size

8
Cookies

155 HTTP transactions
0 data transactions