Submitted URL: http://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Effective URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Submission: On April 24 via api from US — Scanned from NL

Summary

This website contacted 29 IPs in 4 countries across 18 domains to perform 94 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.kitploit.com.
TLS certificate: Issued by GTS CA 1P5 on April 24th 2024. Valid for: 3 months.
This is the only time www.kitploit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
18 | googleusercontent.com | blogger.googleusercontent.com (Cisco Umbrella Rank: 10504) | 5 MB
11 | blogspot.com | 2.bp.blogspot.com (Cisco Umbrella Rank: 18261); 4.bp.blogspot.com (Cisco Umbrella Rank: 18982); 1.bp.blogspot.com (Cisco Umbrella Rank: 15090) | 249 KB
8 | disqus.com | kitploit-com.disqus.com; disqus.com (Cisco Umbrella Rank: 1224); referrer.disqus.com (Cisco Umbrella Rank: 8518); links.services.disqus.com (Cisco Umbrella Rank: 16945) | 50 KB
8 | gstatic.com | fonts.gstatic.com | 261 KB
8 | fontawesome.com | kit.fontawesome.com (Cisco Umbrella Rank: 1791); ka-f.fontawesome.com (Cisco Umbrella Rank: 4267) | 198 KB
5 | google.com | region1.analytics.google.com (Cisco Umbrella Rank: 2941); fundingchoicesmessages.google.com (Cisco Umbrella Rank: 660); www.google.com (Cisco Umbrella Rank: 2) | 121 KB
5 | kitploit.com | www.kitploit.com | 189 KB
4 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 285 KB
4 | blogger.com | www.blogger.com (Cisco Umbrella Rank: 11548) | 59 KB
3 | disquscdn.com | c.disquscdn.com (Cisco Umbrella Rank: 6123) | 27 KB
3 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 104) | 190 KB
3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 33); ajax.googleapis.com (Cisco Umbrella Rank: 363) | 40 KB
2 | viglink.com | cdn.viglink.com (Cisco Umbrella Rank: 11795) | 775 B
2 | google.nl | www.google.nl (Cisco Umbrella Rank: 10513) | 515 B
2 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 84) | 397 B
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 31) | 21 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 180) | 89 KB
0 | feedburner.com (Failed) | feeds.feedburner.com (Failed) |
Total: 94 requests, 18 apex domains

Requests | Domain | Requested by
18 | blogger.googleusercontent.com | www.kitploit.com
8 | fonts.gstatic.com | fonts.googleapis.com; www.kitploit.com
7 | ka-f.fontawesome.com | kit.fontawesome.com; www.kitploit.com
6 | 2.bp.blogspot.com | www.kitploit.com
5 | www.kitploit.com | www.kitploit.com; ajax.googleapis.com
4 | www.googletagmanager.com | www.kitploit.com; www.googletagmanager.com
4 | www.blogger.com | www.kitploit.com
3 | links.services.disqus.com | c.disquscdn.com; www.kitploit.com
3 | c.disquscdn.com | kitploit-com.disqus.com
3 | fundingchoicesmessages.google.com | pagead2.googlesyndication.com
3 | 1.bp.blogspot.com | www.kitploit.com
3 | pagead2.googlesyndication.com | www.kitploit.com; pagead2.googlesyndication.com
2 | cdn.viglink.com | www.kitploit.com
2 | www.google.nl | www.kitploit.com
2 | stats.g.doubleclick.net | www.googletagmanager.com; www.google-analytics.com
2 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
2 | disqus.com | kitploit-com.disqus.com
2 | kitploit-com.disqus.com | www.kitploit.com; kitploit-com.disqus.com
2 | connect.facebook.net | www.kitploit.com; connect.facebook.net
2 | 4.bp.blogspot.com | www.kitploit.com
2 | fonts.googleapis.com | www.kitploit.com
1 | referrer.disqus.com | www.kitploit.com
1 | www.google.com | www.kitploit.com
1 | region1.analytics.google.com | www.googletagmanager.com
1 | ajax.googleapis.com | www.kitploit.com
1 | kit.fontawesome.com | www.kitploit.com
0 | feeds.feedburner.com (Failed) | www.kitploit.com
Total: 94 requests, 27 domains

Subject | Issuer | Validity | Valid
kitploit.com | GTS CA 1P5 | 2024-04-24 - 2024-07-23 | 3 months
*.blogger.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
misc-sni.blogspot.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
ka-f.fontawesome.com | GTS CA 1P5 | 2024-03-05 - 2024-06-03 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-02-02 - 2024-05-02 | 3 months
*.disqus.com | Sectigo RSA Domain Validation Secure Server CA | 2024-04-16 - 2025-04-16 | a year
*.google.nl | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
*.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
a.disquscdn.com | Amazon RSA 2048 M01 | 2023-08-31 - 2024-09-27 | a year
viglink.com | Amazon RSA 2048 M02 | 2023-09-13 - 2024-10-11 | a year
*.services.disqus.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-08-08 - 2024-09-08 | a year

This page contains 5 frames:

Primary Page: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Frame ID: C1B4A89F29E3F06BB2ADECFE1ED8933D
Requests: 90 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=kitploit-com&t_u=https%3A%2F%2Fwww.kitploit.com%2F2016%2F01%2Fp0wnedshell-powershell-runspace-post.html%3Fm%3D0&t_d=%0Ap0wnedShell%20-%20PowerShell%20Runspace%20Post%20Exploitation%20Toolkit%0A&t_t=%0Ap0wnedShell%20-%20PowerShell%20Runspace%20Post%20Exploitation%20Toolkit%0A&s_o=default
Frame ID: 6F2F135FAECB03A210F30456500CD3A7
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=kitploit-com&t_u=https%3A%2F%2Fwww.kitploit.com%2F2016%2F01%2Fp0wnedshell-powershell-runspace-post.html%3Fm%3D0&t_d=%0Ap0wnedShell%20-%20PowerShell%20Runspace%20Post%20Exploitation%20Toolkit%0A&t_t=%0Ap0wnedShell%20-%20PowerShell%20Runspace%20Post%20Exploitation%20Toolkit%0A
Frame ID: 164EB6E040EEE41FCD1D8D0974320B9B
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 255EB0B7A141E7E5AEEFCFBE2FFAC192
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 63823C1EA4962284EFFE7A1CC3BD917F
Requests: 1 HTTP requests in this frame

Page Title

p0wnedShell - PowerShell Runspace Post Exploitation Toolkit

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 94
HTTPS: 96 %
IPv6: 54 %
Domains: 18
Subdomains: 27
IPs: 29
Countries: 4
Transfer: 7336 kB
Size: 10071 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0 HTTP 307
    https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

94 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request p0wnedshell-powershell-runspace-post.html
www.kitploit.com/2016/01/
Redirect Chain
  • http://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
  • https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
184 KB
39 KB
Document
General
Full URL
https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ea078b7f72240950d3f160d9b02ea5b213a714b06f332519da4fe4822db07c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8798d7d16d170c75-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 Apr 2024 20:29:01 GMT
expires
Wed, 24 Apr 2024 20:29:01 GMT
last-modified
Wed, 24 Apr 2024 12:30:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FqD%2B40kZkjP9LVSAfNxSeyHePF7wNv0MUziH8F%2Bug0ZdrT8ElMuYlRMib5pEUmf3nphHKRssy%2BNQ%2FGqySI0wusmu%2BXK3G%2B0ZfyR0v%2BkiVifkanKPM5iT%2BO8d1U5lBB1xlq9j"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Non-Authoritative-Reason
HttpsUpgrades
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/
35 KB
8 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 11:55:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30820
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7756
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 19:51:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 24 Apr 2025 11:55:21 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,700italic,400italic
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98333fb091c6ebe8f340384ffb95b405d52a0737bb38be04d30c329afcb828ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 20:29:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Apr 2024 20:29:01 GMT
5cd74af81c.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/5cd74af81c.js
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
146b95715a7970bd7b4dc7f80fc83740b056dad9e2ac7ff17d3b4bfd581bf3db

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
56
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8798d7d4196d1cb1-AMS
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F8h_gHIhPu9IH32GOcyi
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Apr 2025 12:18:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
148 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
5a9adc30b8ffea126c251500a0b6009b74848b0fbfa3c4aa105905463d547f2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51399
x-xss-protection
0
server
cafe
etag
13235898881819896307
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 24 Apr 2024 20:29:01 GMT
kitploit-Logo-2015-04-27%2B-%2B%25283%2529.png
2.bp.blogspot.com/-IQKG1FPPWQo/VT7jrl3D6KI/AAAAAAAAD70/IV92DTUDwAk/s1600/
14 KB
14 KB
Image
General
Full URL
https://2.bp.blogspot.com/-IQKG1FPPWQo/VT7jrl3D6KI/AAAAAAAAD70/IV92DTUDwAk/s1600/kitploit-Logo-2015-04-27%2B-%2B%25283%2529.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
508625fae19b1d7815e98a93c58e7e04faf4647684e4c442c226a7a24ae45a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:10:56 GMT
x-content-type-options
nosniff
age
8285
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="kitploit-Logo-2015-04-27 - (3).png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13996
x-xss-protection
0
server
fife
etag
"vfbe"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 18:10:56 GMT
PowerShell.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjNqsADAV4PvoA_Th5LXU-muYmGauPXKUm53NSeq_TBDIgqgMizr2j5lQmr35wg1euAA0eKqxOXu234CgZYuyD3bX7zs-8o4RONLIOIhhTzpHm32vHMM8hUIQpeuvNd6mUnVrfZvdCM9Q/s640/
22 KB
22 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjNqsADAV4PvoA_Th5LXU-muYmGauPXKUm53NSeq_TBDIgqgMizr2j5lQmr35wg1euAA0eKqxOXu234CgZYuyD3bX7zs-8o4RONLIOIhhTzpHm32vHMM8hUIQpeuvNd6mUnVrfZvdCM9Q/s640/PowerShell.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b47b6c8b9bbe8864cc07273add8545ec94b20eec1716f19cc36b7ba48b00e092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v144d"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="PowerShell.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22604
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
PowerShell.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjNqsADAV4PvoA_Th5LXU-muYmGauPXKUm53NSeq_TBDIgqgMizr2j5lQmr35wg1euAA0eKqxOXu234CgZYuyD3bX7zs-8o4RONLIOIhhTzpHm32vHMM8hUIQpeuvNd6mUnVrfZvdCM9Q/s72-c/
3 KB
3 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjNqsADAV4PvoA_Th5LXU-muYmGauPXKUm53NSeq_TBDIgqgMizr2j5lQmr35wg1euAA0eKqxOXu234CgZYuyD3bX7zs-8o4RONLIOIhhTzpHm32vHMM8hUIQpeuvNd6mUnVrfZvdCM9Q/s72-c/PowerShell.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9b4742f214941031e2e22d605b6af619c5296ae434d24ee50980e4a652d655e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v144d"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="PowerShell.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2852
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
Categories-applications-utilities-icon.png
2.bp.blogspot.com/-8mkUYkKhDy4/VZ3stV-VaPI/AAAAAAAAEWc/1K5lkHucNLg/s1600/
19 KB
19 KB
Image
General
Full URL
https://2.bp.blogspot.com/-8mkUYkKhDy4/VZ3stV-VaPI/AAAAAAAAEWc/1K5lkHucNLg/s1600/Categories-applications-utilities-icon.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
12c6314b03c436ba5f0f32b273376f01616ae20d29c5ea649c1a0c8a3eb383b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:13:04 GMT
x-content-type-options
nosniff
age
8157
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="Categories-applications-utilities-icon.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19583
x-xss-protection
0
server
fife
etag
"v1168"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 18:13:04 GMT
logo-18-12-2013.png
2.bp.blogspot.com/-WwjKEu2q0WI/VNIbrcfrrVI/AAAAAAAADqM/zMtkZwZnWuQ/s320/
38 KB
38 KB
Image
General
Full URL
https://2.bp.blogspot.com/-WwjKEu2q0WI/VNIbrcfrrVI/AAAAAAAADqM/zMtkZwZnWuQ/s320/logo-18-12-2013.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
79d83a8f11fff6a9865965a4c20db2c38ba3e3955b52ceac05de4c8cdf6c443c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:10:57 GMT
x-content-type-options
nosniff
age
8284
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="logo-18-12-2013.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38892
x-xss-protection
0
server
fife
etag
"vea4"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 18:10:57 GMT
Facebook-icon.png
2.bp.blogspot.com/-DM4cNiHmKVo/WQKaXzv_V0I/AAAAAAAAHqQ/L5tBj1N6ia4i7Duz0ld7liegtnT7aT7rgCLcB/s1600/
3 KB
3 KB
Image
General
Full URL
https://2.bp.blogspot.com/-DM4cNiHmKVo/WQKaXzv_V0I/AAAAAAAAHqQ/L5tBj1N6ia4i7Duz0ld7liegtnT7aT7rgCLcB/s1600/Facebook-icon.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
46ce2cf31094fdb618af0551ffdfaf04f6394dd87e0787b686897edf1c975033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:10:57 GMT
x-content-type-options
nosniff
age
8284
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="Facebook-icon.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3177
x-xss-protection
0
server
fife
etag
"v1ea9"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 18:10:57 GMT
Twitter-icon.png
4.bp.blogspot.com/-77dad7pO4vM/WQKaYFjan4I/AAAAAAAAHqg/QQlR0T9ktP8MRuEAA7LstY-Kd2y4bJz1QCLcB/s1600/
3 KB
3 KB
Image
General
Full URL
https://4.bp.blogspot.com/-77dad7pO4vM/WQKaYFjan4I/AAAAAAAAHqg/QQlR0T9ktP8MRuEAA7LstY-Kd2y4bJz1QCLcB/s1600/Twitter-icon.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b6845903d74118a2abcdf07627624c0f8c980cbe62d01911cfab50f2025d63ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:10:57 GMT
x-content-type-options
nosniff
age
8284
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="Twitter-icon.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3382
x-xss-protection
0
server
fife
etag
"v1ea9"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 18:10:57 GMT
Pinterest-icon.png
2.bp.blogspot.com/-bgk7xQuiUyQ/WQKaX2ArLNI/AAAAAAAAHqU/UJFcDn04VLwEDUNTECNLuLDyqEnwc-A6ACLcB/s1600/
4 KB
4 KB
Image
General
Full URL
https://2.bp.blogspot.com/-bgk7xQuiUyQ/WQKaX2ArLNI/AAAAAAAAHqU/UJFcDn04VLwEDUNTECNLuLDyqEnwc-A6ACLcB/s1600/Pinterest-icon.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
04ca635a51dff510d8c7c1995c0965ec00180b0a191f3deb4b123ec4db623eda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:10:57 GMT
x-content-type-options
nosniff
age
8284
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="Pinterest-icon.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3952
x-xss-protection
0
server
fife
etag
"v1ea9"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 18:10:57 GMT
Rss-icon.png
1.bp.blogspot.com/-FFPrLoHCFuE/WQKaXyIMr1I/AAAAAAAAHqc/c6MenJNn2Lo6mdc1HdE--01GR6PzRU4_gCLcB/s1600/
4 KB
4 KB
Image
General
Full URL
https://1.bp.blogspot.com/-FFPrLoHCFuE/WQKaXyIMr1I/AAAAAAAAHqc/c6MenJNn2Lo6mdc1HdE--01GR6PzRU4_gCLcB/s1600/Rss-icon.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
757ffcf71e01cf4745539459418c2e0b451525ee58ab78e6a87130a93e165841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 17:40:27 GMT
x-content-type-options
nosniff
age
10114
content-disposition
inline;filename="Rss-icon.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3732
x-xss-protection
0
server
fife
etag
"v1ea9"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 17:40:27 GMT
cookie-monster.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqAys4PLVxvwwu5rH1k5FS4_Xj-t1vNR_t1CaIpBmCsP_Do205xg8QtSXKwEj046n0YqaKFxiBXvug_xNn0cNg6UpyS4OlyHeqsjUD6avvnlr7i-Hwz6fQChrTK8va7-mMhFeFsOPy-GEzFykr...
14 KB
14 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqAys4PLVxvwwu5rH1k5FS4_Xj-t1vNR_t1CaIpBmCsP_Do205xg8QtSXKwEj046n0YqaKFxiBXvug_xNn0cNg6UpyS4OlyHeqsjUD6avvnlr7i-Hwz6fQChrTK8va7-mMhFeFsOPy-GEzFykrFP3iBelUSHWCCfSmJsDmWQCXzdM57oiHDwPQ5-09XQDq/s72-w640-c-h366/cookie-monster.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ec6ed99e44a8d93b05b6a3e1ad21e371beb62a2cbbdef873cfa355e5b16bb327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
x-content-type-options
nosniff
server
fife
etag
"v246f6"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="cookie-monster.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14126
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:01 GMT
VectorKernel.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTol_LxxyKXRoxfbjEuIqn_u5Mr19WSk36QzzZ0fKM0nHXkY1wnvB6TTavS4ycyQww3uEk6gh8Pw4uEyFs2kbBwaToIRujvIDiy-nl7TIT3I-yTz2IUO3zXo6gJ5YYFq0pcS78ZX5rj58r3f_6...
11 KB
11 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTol_LxxyKXRoxfbjEuIqn_u5Mr19WSk36QzzZ0fKM0nHXkY1wnvB6TTavS4ycyQww3uEk6gh8Pw4uEyFs2kbBwaToIRujvIDiy-nl7TIT3I-yTz2IUO3zXo6gJ5YYFq0pcS78ZX5rj58r3f_6bZyDazA-KKLIi7AH8H6Qq-Krckr6LkAQUgyE1ECtd0Rm/s72-w640-c-h366/VectorKernel.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0477739e27e34a086edb454802a21cee8b8032adf32e8ed4cbdcdd8f442992ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
x-content-type-options
nosniff
server
fife
etag
"v246fb"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="VectorKernel.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11382
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:01 GMT
NoArgs_4.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEEPyOX8bGv9CXlZUibHtvNfCYJHkl2apdFO9S3eMEz3gUnEI25yX_3Cv3UQvL4lWM_fOmQ_BF0osw4MFVu6Pjb4fU-EDyWzPgaRsLYXpFvgR-q6DBXOwjM58BlXj1QvLgXLB1rwUAVxW9tNY8...
6 KB
6 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEEPyOX8bGv9CXlZUibHtvNfCYJHkl2apdFO9S3eMEz3gUnEI25yX_3Cv3UQvL4lWM_fOmQ_BF0osw4MFVu6Pjb4fU-EDyWzPgaRsLYXpFvgR-q6DBXOwjM58BlXj1QvLgXLB1rwUAVxW9tNY8He7VdwDiIVsAWrBG6lUj22aR94g7jTZtY1q9LnWiMoQ8/s72-w640-c-h234/NoArgs_4.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
93bfe434216d9217b53c2ef0e1b822032fc05aae72b0031b4975f897a1361b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
x-content-type-options
nosniff
server
fife
etag
"v246f1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="NoArgs_4.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6003
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:01 GMT
C2-Tracker.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEii3zoWIhX6JVdR0KPK2pSZV2VhkXh4lSwyGX5JcCPXinU2Bkekk4U3KQ71CeJsQdYYvStnSUYPI6SWBbDNUtID8yhindlGYUhUUVuKHanyAYNB0jw7qMslfhVYkErHTU1XehroWLuY0Fhz7Np6...
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEii3zoWIhX6JVdR0KPK2pSZV2VhkXh4lSwyGX5JcCPXinU2Bkekk4U3KQ71CeJsQdYYvStnSUYPI6SWBbDNUtID8yhindlGYUhUUVuKHanyAYNB0jw7qMslfhVYkErHTU1XehroWLuY0Fhz7Np6-HeSxgILnCgjfIggTFrMxANNhBj1a2lwkqOBJJrL8S8Y/s72-w640-c-h262/C2-Tracker.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d819ab3d3064cf42d2a75e322274cce81b5af2888725ffc42d1bf8fdaaf11952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
x-content-type-options
nosniff
server
fife
etag
"v2471f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="C2-Tracker.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3740
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:01 GMT
frameless-bitb_1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_Wj5KmfWuQnQaf_RsN6p1YrWsk8Ji4Gz7O7qiABLCpjWRU8Dl4RddpWzd5bIBNoE6FV2a0bCqjmqSS9WfEnM7DnZ5GLOnWXuucJFMdXXFxtUCMxn_xg2Fj4HMASiLfuR4PT_ANqimbENRGiWX...
143 KB
143 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_Wj5KmfWuQnQaf_RsN6p1YrWsk8Ji4Gz7O7qiABLCpjWRU8Dl4RddpWzd5bIBNoE6FV2a0bCqjmqSS9WfEnM7DnZ5GLOnWXuucJFMdXXFxtUCMxn_xg2Fj4HMASiLfuR4PT_ANqimbENRGiWXg1yqPZ3074ik5Of5d-dkqi_l4oFk5OX3X7vsRBvvIF96/s72-w640-c-h360/frameless-bitb_1.gif
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
000ad01bacfde4b60eaa22c95f0eecc6a1b6053581a77ae9b717d62fac1427bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
x-content-type-options
nosniff
server
fife
etag
"v246d2"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="frameless-bitb_1.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146130
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:01 GMT
logo-18-12-2013.png
2.bp.blogspot.com/-WwjKEu2q0WI/VNIbrcfrrVI/AAAAAAAADqM/zMtkZwZnWuQ/s1600/
33 KB
33 KB
Image
General
Full URL
https://2.bp.blogspot.com/-WwjKEu2q0WI/VNIbrcfrrVI/AAAAAAAADqM/zMtkZwZnWuQ/s1600/logo-18-12-2013.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
17825cd1a1eb026f78bc482cda5cccb3c32d26b07dd5b7f0e7375d4ad69ce0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:10:57 GMT
x-content-type-options
nosniff
age
8284
content-disposition
inline;filename="logo-18-12-2013.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34185
x-xss-protection
0
server
fife
etag
"vea4"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 18:10:57 GMT
PentestTools
feeds.feedburner.com/~fc/
0
0

js
www.googletagmanager.com/gtag/
188 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-65522301-1
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2670e9e5da4e348a0d6028ec10c5a9c03c551168bc244019725662a173d6032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70040
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 20:29:01 GMT
cookienotice.js
www.kitploit.com/js/
6 KB
2 KB
Script
General
Full URL
https://www.kitploit.com/js/cookienotice.js
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 14:51:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cf-ray
8798d7d4beed0c75-AMS
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 01 May 2024 17:07:38 GMT
848617736-widgets.js
www.blogger.com/static/v1/widgets/
141 KB
50 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/848617736-widgets.js
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cc556f7a1301c1c932b1b1f696cbfbc5e131209812b9573204f69b305f05b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 11:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51485
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:51:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 24 Apr 2025 11:40:12 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=5cd74af81c
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5cd74af81c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
via
1.1 96e04892ec84a7161914f66c3ba3b5f0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
age
3632428
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Y5QY9xGqbBhnhhsUO7VKbXBgW0DRKUeteLkGDvIoDSmXz2dY59NHa3bzYHmc%2Bb%2F4CoiAM4cTknexRGVj8rc02O08omocsoFa6nk2MbBcsstJRDmmVyqBEwg2pqtGoaS64uYPcNvFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8798d7d4aeeb0a73-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
YRLeq2bEbCf_uNfDttMdkrN8z-UDSN3v_334hse6sA5DtXbytDe2LA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=5cd74af81c
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5cd74af81c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
via
1.1 701ed6d11cb535ec9687bbfbe3b14bc0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
age
3646549
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPFROoZoQ87%2FVOH2f3vPonxbScZ963QPp2QeVVhq3KkVuK7dPmWFYFi661B5xpkF0o9boqbONylEeOZwmWITMm%2Bp3Giw%2BRZRjOiyEJiodvfQfe%2B6J%2Bo1Fj9rrkOmdH8GT4xrz4o6lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8798d7d4aee60a73-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
ROWFn43RQWFv0W685deuzTc6yZnJu7J-LpTsNC_c7lGT9aMAFQ34eA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=5cd74af81c
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5cd74af81c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
via
1.1 beda7ef1ba9a3d6628bdfdae06bd482c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
age
2828935
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6J0PIQxd0n7aQWmRWPYOP6nqrIP5HTVckuMPYaLZ0zYgWdXOkTZ%2BhJWgpX9Z5yMZdUUqn4FoPhUPLCSVEId6iW8%2F%2FszgA1NkkMxjo5jvisDJuq9aX17eJWyuaPhjT0jorMmUykIEAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8798d7d4aee80a73-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
KJejwyUNIODWDzEVB_-M0DDU5njcI48cEEo248oQup65mtxFNCf75Q==
gtm.js
www.googletagmanager.com/
123 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5ZW7LXZ
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83fd8fc05348ba75e94765ddbbf5c4c509503104393c27c9ab0a3dc7fe1fe167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48441
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 20:01:01 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Apr 2024 20:29:01 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
684 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8317222231133660547&zx=31a14c1c-e045-45f7-b446-10fcb35d80a8
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 24 Apr 2024 20:29:01 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
bar_kitploit.png
4.bp.blogspot.com/-1HQTMP6EaWA/W4d8yPDo6II/AAAAAAAAMTs/JGd0YbJJ4vA9nYO0rbjjySSwVpjodOZAQCLcBGAs/s1600/
4 KB
4 KB
Image
General
Full URL
https://4.bp.blogspot.com/-1HQTMP6EaWA/W4d8yPDo6II/AAAAAAAAMTs/JGd0YbJJ4vA9nYO0rbjjySSwVpjodOZAQCLcBGAs/s1600/bar_kitploit.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f0ea08d94e9ad1d431148d70fd4f519dde6776dfe444d6969dcaa3e9b6b58612
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 17:27:41 GMT
x-content-type-options
nosniff
age
10880
content-disposition
inline;filename="bar_kitploit.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3748
x-xss-protection
0
server
fife
etag
"v313c"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 17:27:41 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,700italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 11:44:51 GMT
x-content-type-options
nosniff
age
31450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Apr 2025 11:44:51 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,700italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 11:39:38 GMT
x-content-type-options
nosniff
age
31763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Apr 2025 11:39:38 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,700italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 11:55:12 GMT
x-content-type-options
nosniff
age
30829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14160
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Apr 2025 11:55:12 GMT
6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,700italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fae9ee8da96ba004f96a5719e3cd323b3248c49a28e56777ce829900d50929ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:08:23 GMT
x-content-type-options
nosniff
age
166838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14200
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 22:08:23 GMT
336x280_80tools.png
1.bp.blogspot.com/-QHHMyQ0HsJI/X_6JG6A52dI/AAAAAAAAU_o/yMrwWn3Glt4rAop_-4CKxZ0JO9khhOeBwCNcBGAsYHQ/s0/
77 KB
77 KB
Image
General
Full URL
https://1.bp.blogspot.com/-QHHMyQ0HsJI/X_6JG6A52dI/AAAAAAAAU_o/yMrwWn3Glt4rAop_-4CKxZ0JO9khhOeBwCNcBGAsYHQ/s0/336x280_80tools.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3932876e30ca215f80b74402eefa0f1c62ff1a764d7918fb617a54aff41d010f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 17:25:49 GMT
x-content-type-options
nosniff
age
10992
content-disposition
inline;filename="336x280_80tools.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
server
fife
etag
"v5405"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 17:25:49 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
93f2eb01e18e177b07005fab415d64e50ab840f6b042b2c44ecf8af6aa192cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:29:01 GMT
content-md5
pYdMoHziCPo+6Nj8ahlXeQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1684
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1294, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
5k4u4D3o7hXv49VvlQlOe/eXGK+UjBOI4LgHqMaIepz9ZRD6OAGi7a8dfw/is+ofO5flUjj9SRzlDl1O7weNtA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
0dff33a2c4ee227c40e4bd30a2ce91fa
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"b20a7ce24d017114643ea1f9dc5a291d"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 24 Apr 2024 20:30:18 GMT
embed.js
kitploit-com.disqus.com/
80 KB
26 KB
Script
General
Full URL
https://kitploit-com.disqus.com/embed.js
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
77474ca5a73dd7b504a44d5bf22feb5026532a3260a625e8c95d4f83c2b6d35b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
server
openresty
Age
38
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
x-service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
26392
Windows
www.kitploit.com/feeds/posts/default/-/
281 KB
69 KB
XHR
General
Full URL
https://www.kitploit.com/feeds/posts/default/-/Windows?alt=json-in-script&max-results=3&callback=jQuery1110014096451332105175_1713990541540&_=1713990541541
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1fd368389544a7005f96d0b15f20c42217fc6b5c70050108f166671b7cb455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 12:30:31 GMT
server
cloudflare
etag
W/"21ed8b3b26484e38a752e87bb61b4027309378315fbf51b46fa982cf9a37a872"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4DTULP0rOUOAwc%2FVrZiXaEWY0SjKu%2FWvqB76LZUzwi6m0%2FbOpD1DcSOhhIzF2gYfapG1w%2B%2BeS1XCoNoT0PheylPB%2BQG0gtesPFIZR7xQyIBD3CCnJCVlEQQuw72%2FxkH469GQ"}],"group":"cf-nel","max_age":604800}
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cf-ray
8798d7d4ff1d0c75-AMS
expires
Wed, 24 Apr 2024 20:29:02 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
via
1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
age
3637596
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psGJOq8MKbj1Z2R3SpBiozVru5UD3KIaJMihxRWc1mlESJfKQDrj3Mj6V7Z1cyB5kr%2FJhT%2B1Ry0GHvdQWT8SqoD%2Bykf26H1v1nDTL2TCEuy%2FJfes9kfic9NX3ggi0cniO%2FcI%2Boe0Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8798d7d5b8340a73-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
z5-8uVp4Q-Z-yFkOQCInG4TSsMvSNuzw8xloS6dGzsz8xLhJqTa9mQ==
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
75 KB
76 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
via
1.1 c38563a65534cacc21516bd5450b0818.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
age
2907409
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPqkdXfAm89xw3VQdcZnmrQuoSRjmBWM1EjBIkZmv2CUblIYLYMYeACODEe6mETzE4ZrzrFVKepP08GEbhdNLBdQ%2BlcJCY7%2BTqZ0RogRW9OkE02rwTAc8cQTj8jQV482UMZBkvPG4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8798d7d5b8360a73-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
T4i5qWs9tOSehx-yP3okl2AaibV4_dVjzQ911VXGKAiNHg_KTSE4wA==
free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
13 KB
14 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
via
1.1 b3ca057e9cdd89c43806ec06db3b4046.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
age
3637596
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13216
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"b8f1c6a3a94d42b082c29f0b1db8ba95"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DH7MzrDiivVhkr9DgcOfeOg4z8Dvpv4G8qrWSEZk3UJik4zsFIO8Wmjx%2FYi%2BrLacdWRSj1V0DrvBJCF4mP8EKM4tv6z%2F0xsUqQagW6KidjqaYQYeWnttKWXuY99Kyerla63h8r%2FwYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8798d7d5b8390a73-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Id1AeFFFj2EJUbW6HJmgWnRfh1BUK0ksmd1gDrHRlMFnFuxSq0hwng==
free-fa-v4deprecations.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
7 KB
7 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-v4deprecations.woff2
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b87c479eadc6a3eab40c4a0dbdcd525917ba8f22f66c6b647177d529a5e1543

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
via
1.1 c4fa254e2a3f0fe13ffe676ce8dbcda0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SOF50-P1
age
3632426
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6792
last-modified
Wed, 04 Aug 2021 18:58:25 GMT
server
cloudflare
etag
"d1c11521f3c8677b87cc7e0a206dfbf6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dSrA4Oso%2F3mPtDi%2FLKLygfm5oQDGCcS5dZvyePpcN8XVgVfSdIrBAe19hSxKStA%2BE9uNybaZTT1Gtw8M3mBXWD%2BzB3eT%2FaNP8cVySmYfwzRXxNCWLZgHCdK2IH38SLF12Y5qGZuW0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8798d7d5b83a0a73-AMS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
4b-sS1N1_M9Lpg60WBQv1tjcckUQjRyszwYqNKMSncCkMwE3l2lu3Q==
windows-exploit-suggester-tool-to.html
www.kitploit.com/2016/01/
187 KB
39 KB
XHR
General
Full URL
https://www.kitploit.com/2016/01/windows-exploit-suggester-tool-to.html?m=0
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae8a784b57f7615f9ed41e303e6f922d0d8736a4175ea7a994bd44bc33a4f1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Apr 2024 12:30:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=asvqbPxtXyc50J%2BDLY%2FB5iLX%2Fe2sL%2FGVBOQ16ZZIMunG3DVARslV8J%2B4KjYDthLtEMMnK6N%2BKgFR%2BNiQUaQ2LfA3ah7a67cf5lKpwt9qe1ftIqej7m%2B%2BsOwbohTWtNbhq49Z"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
cf-ray
8798d7d5af880c75-AMS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Wed, 24 Apr 2024 20:29:01 GMT
dnstwist-domain-name-permutation-engine.html
www.kitploit.com/2016/01/
189 KB
40 KB
XHR
General
Full URL
https://www.kitploit.com/2016/01/dnstwist-domain-name-permutation-engine.html?m=0
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c535d26086183a81677770a2b2664f8da490815096782323809e08cf6104470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Apr 2024 12:30:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekRmoGpqVpET7%2FLc%2BoZ2kt8miS8i9TBKapPREoyER58TcomlvhqiWV4kXZRoUe7J5b8SxtoC2lBdO5pRmoDmw7mUwEe2DSeshZlSFWtvOTVgHo9EoNaa1%2BjabrPy6%2FocHxQR"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
cf-ray
8798d7d5af890c75-AMS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Wed, 24 Apr 2024 20:29:01 GMT
728x90_collaborative.png
1.bp.blogspot.com/-4OWAidWM2Ek/X_6JPU-FH_I/AAAAAAAAU_4/DS-WQh0mMuc1Yp4xTPupwqLhB98BjjUjgCNcBGAsYHQ/s0/
48 KB
48 KB
Image
General
Full URL
https://1.bp.blogspot.com/-4OWAidWM2Ek/X_6JPU-FH_I/AAAAAAAAU_4/DS-WQh0mMuc1Yp4xTPupwqLhB98BjjUjgCNcBGAsYHQ/s0/728x90_collaborative.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
644e855bb6984ca10209298814b346d90a04ff58e73a86a0b9af5fbe0a79c284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="728x90_collaborative.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49343
x-xss-protection
0
server
fife
etag
"v5408"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 20:29:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51399
x-xss-protection
0
server
cafe
etag
13235898881819896307
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 24 Apr 2024 20:29:01 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8317222231133660547&zx=31a14c1c-e045-45f7-b446-10fcb35d80a8
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 24 Apr 2024 20:29:01 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
recommendations.js
kitploit-com.disqus.com/
64 KB
22 KB
Script
General
Full URL
https://kitploit-com.disqus.com/recommendations.js
Requested by
Host: kitploit-com.disqus.com
URL: https://kitploit-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
858bd345ce34adf2ee6d356280e168bdc31f354891df8c4f89b0d74c109474cd
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
content-type
application/javascript; charset=utf-8
cache-control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
x-service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21450
sdk.js
connect.facebook.net/en_US/
299 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=bf03bdb34af142fb70adb7e23031c29c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
1f1904c69ce2ad4ae31e92c05f288067a3e48ce55c1534c5e2d5f7510fca6b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:29:01 GMT
content-md5
cZicAJclCxTaJiKZyM0e1Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87564
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4294, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
7gLlciGQcUSA5NNfR42V4BU/i9BRn43iJGbQ+e9RC+lm5wJxBVAlzGOtQm86AKB6i5siZbbenq5Uk0Xb7l/8VQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6d660e43778733f66ae126e35ceb2001
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"a26a77f3e1b745c2bbd33c25a51f4d0d"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 24 Apr 2025 18:57:06 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404180101/
412 KB
140 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7669852180477439&plah=www.kitploit.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7a13bfa3aad2db0f2486f597e8aea7b8e6612013e009a97e40f6e33120551f0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143077
x-xss-protection
0
server
cafe
etag
11434017741492450410
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 Apr 2024 20:29:01 GMT
js
www.googletagmanager.com/gtag/
185 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-65522301-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZW7LXZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6fa51849c8487b4310f7753e1408738c9386d6e25a3e57fec1386828fc3dcd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69028
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 20:29:01 GMT
VectorKernel.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTol_LxxyKXRoxfbjEuIqn_u5Mr19WSk36QzzZ0fKM0nHXkY1wnvB6TTavS4ycyQww3uEk6gh8Pw4uEyFs2kbBwaToIRujvIDiy-nl7TIT3I-yTz2IUO3zXo6gJ5YYFq0pcS78ZX5rj58r3f_6...
333 KB
333 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTol_LxxyKXRoxfbjEuIqn_u5Mr19WSk36QzzZ0fKM0nHXkY1wnvB6TTavS4ycyQww3uEk6gh8Pw4uEyFs2kbBwaToIRujvIDiy-nl7TIT3I-yTz2IUO3zXo6gJ5YYFq0pcS78ZX5rj58r3f_6bZyDazA-KKLIi7AH8H6Qq-Krckr6LkAQUgyE1ECtd0Rm/w640-h366/VectorKernel.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
24a824f93b2caee9f9a4b3641b75c5a6c8f6b36184452ad09cf5230ae348b597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v246fb"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="VectorKernel.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
341034
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
cookie-monster.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqAys4PLVxvwwu5rH1k5FS4_Xj-t1vNR_t1CaIpBmCsP_Do205xg8QtSXKwEj046n0YqaKFxiBXvug_xNn0cNg6UpyS4OlyHeqsjUD6avvnlr7i-Hwz6fQChrTK8va7-mMhFeFsOPy-GEzFykr...
490 KB
491 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqAys4PLVxvwwu5rH1k5FS4_Xj-t1vNR_t1CaIpBmCsP_Do205xg8QtSXKwEj046n0YqaKFxiBXvug_xNn0cNg6UpyS4OlyHeqsjUD6avvnlr7i-Hwz6fQChrTK8va7-mMhFeFsOPy-GEzFykrFP3iBelUSHWCCfSmJsDmWQCXzdM57oiHDwPQ5-09XQDq/w640-h366/cookie-monster.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7b42b1dc506138ce79f674ec984f4c67c4655d638819fb32b9f2cddaf7273ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v246f6"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="cookie-monster.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
502146
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
NoArgs_4.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEEPyOX8bGv9CXlZUibHtvNfCYJHkl2apdFO9S3eMEz3gUnEI25yX_3Cv3UQvL4lWM_fOmQ_BF0osw4MFVu6Pjb4fU-EDyWzPgaRsLYXpFvgR-q6DBXOwjM58BlXj1QvLgXLB1rwUAVxW9tNY8...
80 KB
80 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEEPyOX8bGv9CXlZUibHtvNfCYJHkl2apdFO9S3eMEz3gUnEI25yX_3Cv3UQvL4lWM_fOmQ_BF0osw4MFVu6Pjb4fU-EDyWzPgaRsLYXpFvgR-q6DBXOwjM58BlXj1QvLgXLB1rwUAVxW9tNY8He7VdwDiIVsAWrBG6lUj22aR94g7jTZtY1q9LnWiMoQ8/w640-h234/NoArgs_4.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6c0174b710ef829ca7b4c280c74d46f2e256b85d71a3e8834f5ab34180d48936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v246f1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="NoArgs_4.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82078
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
NoArgs_2.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrCJJjl3qFjJ8rZ0Qed0Jk4em0k4f1ZdVOvR93LNzMlMW2wIQ5agZvfYArUiKapOYW1xhhSFXtPQlMPMf-cJr6itvsoUB0WYQbTdRgMw9dpFhndkTYr9WkeytV_YgUQnKCpDNZrBqwQk-z7d4O...
84 KB
84 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrCJJjl3qFjJ8rZ0Qed0Jk4em0k4f1ZdVOvR93LNzMlMW2wIQ5agZvfYArUiKapOYW1xhhSFXtPQlMPMf-cJr6itvsoUB0WYQbTdRgMw9dpFhndkTYr9WkeytV_YgUQnKCpDNZrBqwQk-z7d4O4iAJrglT8wByPO767GLr5e92L84zshDlwCv687N5Tszh/w640-h232/NoArgs_2.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
29152e9ca4a4ee4b179abaf704d216181e908dfdac9d925b5f5082f64bc7c1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v246dd"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="NoArgs_2.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86149
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
NoArgs_3.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4KKE3dbpyw_-Mw6HDR08udGepbugJU9Lw5solQ_QMtfaMs1UKxr-mCIf79uCmsAjrDQZPSXUr9CX1f9mVLQQ1YI1LhJrcHH1yqvZCBwv94rWYgjB5dDwv1kaxQh3Uli-F1aE02hpJdM3WFEck...
85 KB
85 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4KKE3dbpyw_-Mw6HDR08udGepbugJU9Lw5solQ_QMtfaMs1UKxr-mCIf79uCmsAjrDQZPSXUr9CX1f9mVLQQ1YI1LhJrcHH1yqvZCBwv94rWYgjB5dDwv1kaxQh3Uli-F1aE02hpJdM3WFEckXZ3rddMKCej5Tua4EIbIeNPr2bgcXXaZyFx2C7rF_XQo/w640-h336/NoArgs_3.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0ffcea863bfc6783ce33608752e75dadaf772ee36363090a5fb58d96646fbd85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v246f1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="NoArgs_3.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86959
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
NoArgs_5.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsOBiur33ps9cI_LzTI9NhBnJ7mZH_arGI19nSMkjVO-bz4SO4wb-pZT1J97CfzhXqljTo8QcNRkLR1BFdXn7234WjLr-5xpEcuEwVWLx5FlOPRRFDC8mYAhFc1Vs2lqsaVOeeTjk-a-h4G4Xg...
83 KB
83 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsOBiur33ps9cI_LzTI9NhBnJ7mZH_arGI19nSMkjVO-bz4SO4wb-pZT1J97CfzhXqljTo8QcNRkLR1BFdXn7234WjLr-5xpEcuEwVWLx5FlOPRRFDC8mYAhFc1Vs2lqsaVOeeTjk-a-h4G4XgTZS_0U1_DB-wKiZHFpkpwMKFn8VX_c6pIg-p18XTSeOX/w640-h332/NoArgs_5.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1eef649184d92eed85305439001fc37209b470c1d38e398f9ade72f933f8b439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v246f1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="NoArgs_5.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85087
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
NoArgs_6.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1nm2x1AcvC5kQqHUkvjblFJSYENHleztRmAH2HgOx72IBzcXq4BAGxQjuZMPiKXbG2SUhokONUIk2tAmnt-kodAO9Omz3nfvcAlKiewuHANgfu2fyjN-wik3q-m_c9ur4L5Stn08dJgaNugNq...
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1nm2x1AcvC5kQqHUkvjblFJSYENHleztRmAH2HgOx72IBzcXq4BAGxQjuZMPiKXbG2SUhokONUIk2tAmnt-kodAO9Omz3nfvcAlKiewuHANgfu2fyjN-wik3q-m_c9ur4L5Stn08dJgaNugNqIj6AXooZ5yiHKYixjMJq8207Q9u-EKIZNVgSuBiMYOuf/w640-h282/NoArgs_6.gif
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0d3bd02c324f78e93227776f6c45788690b8899b3e28ed694173654822bc8bd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v246f1"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="NoArgs_6.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1637369
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
NoArgs_7.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0DxE9N5GY2GnidNkFA1tXKfFrhen0NHjQ41I3Enyqmq_757LqOk1BbGrqiqxUOJ3P-kF3Mb76rDF2B1MsHiWWmTjlkDh33wQP61AYVB_TwFviv2J0wS0s_xFcLoa9b-NlT4TrI0RfSbS-pXri...
0
0

/
disqus.com/embed/comments/ Frame 6F2F
0
0
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=kitploit-com&t_u=https%3A%2F%2Fwww.kitploit.com%2F2016%2F01%2Fp0wnedshell-powershell-runspace-post.html%3Fm%3D0&t_d=%0Ap0wnedShell%20-%20PowerShell%20Runspace%20Post%20Exploitation%20Toolkit%0A&t_t=%0Ap0wnedShell%20-%20PowerShell%20Runspace%20Post%20Exploitation%20Toolkit%0A&s_o=default
Requested by
Host: kitploit-com.disqus.com
URL: https://kitploit-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.kitploit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2769
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 24 Apr 2024 20:29:02 GMT
ETag
W/"lounge:view:10170074356.cdeb2d3d54c4e3d8202baec45f3d66eb.2"
Last-Modified
Wed, 24 Apr 2024 20:29:02 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
js
www.googletagmanager.com/gtag/
304 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X7ZW04TH92&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65522301-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
803e993eaf41835c38b3d1fe180ffaa35d358393f65901a936885951d44b4d4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103792
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 20:29:02 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65522301-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:20:02 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
540
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 24 Apr 2024 22:20:02 GMT
dnstwist.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEildQPGpV1OyF2C0xqIl7u2KSTY6rFpQGRBZ1Eq6iTaOTy2j9luRbJ7ROfyFh6QOaKLefhB8nxtBNdpux7dbg0WTmf76zG_nNPxd5sQB3cLWn2GnihX1VsLuaBFqn-MqP5B-fuxOdQmFI4/s640/
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEildQPGpV1OyF2C0xqIl7u2KSTY6rFpQGRBZ1Eq6iTaOTy2j9luRbJ7ROfyFh6QOaKLefhB8nxtBNdpux7dbg0WTmf76zG_nNPxd5sQB3cLWn2GnihX1VsLuaBFqn-MqP5B-fuxOdQmFI4/s640/dnstwist.gif
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
fife /
Resource Hash
2dd0c69af4d28be6ff17d893da08019301547028c8f5490b24635835921668a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v143f"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="dnstwist.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2261583
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:04 GMT
dnstwist.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEildQPGpV1OyF2C0xqIl7u2KSTY6rFpQGRBZ1Eq6iTaOTy2j9luRbJ7ROfyFh6QOaKLefhB8nxtBNdpux7dbg0WTmf76zG_nNPxd5sQB3cLWn2GnihX1VsLuaBFqn-MqP5B-fuxOdQmFI4/s72-c/
190 KB
190 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEildQPGpV1OyF2C0xqIl7u2KSTY6rFpQGRBZ1Eq6iTaOTy2j9luRbJ7ROfyFh6QOaKLefhB8nxtBNdpux7dbg0WTmf76zG_nNPxd5sQB3cLWn2GnihX1VsLuaBFqn-MqP5B-fuxOdQmFI4/s72-c/dnstwist.gif
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
fife /
Resource Hash
b2a2749601d97c30a7b6d5f1c7f6737e48753e150ded566430c3e2eca5f8b4b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v143f"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="dnstwist.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
194433
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
PentestTools
feeds.feedburner.com/~fc/
0
0

collect
www.google-analytics.com/j/
2 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=714658596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kitploit.com%2F2016%2F01%2Fp0wnedshell-powershell-runspace-post.html%3Fm%3D0&ul=nl-nl&de=UTF-8&dt=p0wnedShell%20-%20PowerShell%20Runspace%20Post%20Exploitation%20Toolkit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=321011253&gjid=1500198593&cid=368192752.1713990542&tid=UA-65522301-1&_gid=762321915.1713990542&_r=1&gtm=457e44m0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=736409904
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kitploit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
Windows-Exploit-Suggester.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMqWQhF544W1VQhLyMN1XU6SysMhfnrAsN5V0uGqLDZtrimK-o4_1j4F1DXXGVms-NX4oNb3WqGmlRHFKRCZNwJzdI9Ay1g9K_SW8USgPvfn-T2vGwvcm0Ba8YB0T6QGHVAObr-VIk5Lw/s640/
184 KB
184 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMqWQhF544W1VQhLyMN1XU6SysMhfnrAsN5V0uGqLDZtrimK-o4_1j4F1DXXGVms-NX4oNb3WqGmlRHFKRCZNwJzdI9Ay1g9K_SW8USgPvfn-T2vGwvcm0Ba8YB0T6QGHVAObr-VIk5Lw/s640/Windows-Exploit-Suggester.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
fife /
Resource Hash
695458ac1ee2ccfa6fb21b9164c670d91136b99b2040365fd4f087163f87f807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v1450"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Windows-Exploit-Suggester.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188478
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
Windows-Exploit-Suggester.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMqWQhF544W1VQhLyMN1XU6SysMhfnrAsN5V0uGqLDZtrimK-o4_1j4F1DXXGVms-NX4oNb3WqGmlRHFKRCZNwJzdI9Ay1g9K_SW8USgPvfn-T2vGwvcm0Ba8YB0T6QGHVAObr-VIk5Lw/s72-c/
11 KB
11 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMqWQhF544W1VQhLyMN1XU6SysMhfnrAsN5V0uGqLDZtrimK-o4_1j4F1DXXGVms-NX4oNb3WqGmlRHFKRCZNwJzdI9Ay1g9K_SW8USgPvfn-T2vGwvcm0Ba8YB0T6QGHVAObr-VIk5Lw/s72-c/Windows-Exploit-Suggester.png
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
fife /
Resource Hash
aa76a1f817939fb059bc168f0321025e833a1c868c4bd873c83dd41d45976410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v1450"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Windows-Exploit-Suggester.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11619
x-xss-protection
0
expires
Thu, 25 Apr 2024 20:29:02 GMT
collect
region1.analytics.google.com/g/
0
246 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-X7ZW04TH92&gtm=45je44m0v899327483za200&_p=1713990541544&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=368192752.1713990542&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713990542&sct=1&seg=0&dl=https%3A%2F%2Fwww.kitploit.com%2F2016%2F01%2Fp0wnedshell-powershell-runspace-post.html%3Fm%3D0&dt=p0wnedShell%20-%20PowerShell%20Runspace%20Post%20Exploitation%20Toolkit&en=page_view&_fv=1&_ss=1&tfd=1159
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X7ZW04TH92&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 20:29:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kitploit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X7ZW04TH92&cid=368192752.1713990542&gtm=45je44m0v899327483za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X7ZW04TH92&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 20:29:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kitploit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X7ZW04TH92&cid=368192752.1713990542&gtm=45je44m0v899327483za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=153590344
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-7669852180477439
fundingchoicesmessages.google.com/i/
181 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7669852180477439?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7669852180477439&plah=www.kitploit.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
907083869796a49e6fbc9730ca9aa16add2ff820d634b2581814b681273d93dc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GoA0pmVO57ynFxC80x4zdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GoA0pmVO57ynFxC80x4zdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhHo6-60s3sgl0HF7fxggA-EQqpg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
350 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-65522301-1&cid=368192752.1713990542&jid=321011253&gjid=1500198593&_gid=762321915.1713990542&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1219819269
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kitploit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
disqus.com/recommendations/ Frame 164E
0
0
Document
General
Full URL
https://disqus.com/recommendations/?base=default&f=kitploit-com&t_u=https%3A%2F%2Fwww.kitploit.com%2F2016%2F01%2Fp0wnedshell-powershell-runspace-post.html%3Fm%3D0&t_d=%0Ap0wnedShell%20-%20PowerShell%20Runspace%20Post%20Exploitation%20Toolkit%0A&t_t=%0Ap0wnedShell%20-%20PowerShell%20Runspace%20Post%20Exploitation%20Toolkit%0A
Requested by
Host: kitploit-com.disqus.com
URL: https://kitploit-com.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.kitploit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Age
0
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2276
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 24 Apr 2024 20:29:02 GMT
Last-Modified
Wed, 13 Dec 2023 19:12:53 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-65522301-1&cid=368192752.1713990542&jid=321011253&npa=1&_u=YEBAAUAAAAAAACAAI~&z=706929784
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-65522301-1&cid=368192752.1713990542&jid=321011253&npa=1&_u=YEBAAUAAAAAAACAAI~&z=706929784
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 20:29:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUczTmMYvyU0wl3caaPpEteGSNfVvtPXz_pnO0M1XyX459fDR0LuhMcZ-92FVfiEc8W9BlzwjswYMW9gkUSPoMty8SG6_7UTQTHAzI3ozd48hSWKj8HAkaHzwfewwq9pXZVqp2-iQ==
fundingchoicesmessages.google.com/f/
389 KB
60 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUczTmMYvyU0wl3caaPpEteGSNfVvtPXz_pnO0M1XyX459fDR0LuhMcZ-92FVfiEc8W9BlzwjswYMW9gkUSPoMty8SG6_7UTQTHAzI3ozd48hSWKj8HAkaHzwfewwq9pXZVqp2-iQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzOTkwNTQyLDM4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cua2l0cGxvaXQuY29tLzIwMTYvMDEvcDB3bmVkc2hlbGwtcG93ZXJzaGVsbC1ydW5zcGFjZS1wb3N0Lmh0bWwiLG51bGwsW1s4LCJNQUEybTFYNk00NCJdLFs5LCJubCJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.MAA2m1X6M44.es5.O/am=wA/d=1/rs=AJlcJMxiNz6wM3WDyhLiZav_aY4t69N9DQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f72f2bc6be03997aebd5592a7db3413aef96556f6ffa738189a437166adb6697
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KL4XE8Yy_rE3zhWWHMYKmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KL4XE8Yy_rE3zhWWHMYKmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP_nWctBWIhHo6-60s3sgmsaJn5kxEA_a4q8w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
106 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.MAA2m1X6M44.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwaiok0LWKI6Aye1Sph2BbYk-7EMw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Apr 2024 20:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 20:29:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Apr 2024 20:29:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 23:56:39 GMT
x-content-type-options
nosniff
age
419543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 23:56:39 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 00:50:53 GMT
x-content-type-options
nosniff
age
157089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Apr 2025 00:50:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 11:51:26 GMT
x-content-type-options
nosniff
age
31056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Apr 2025 11:51:26 GMT
AGSKWxV1fvG3KThnfkgrho22K00DOWBNNjsHbGAz2Ocb__iqZ1zMRrPkvWEZCrgywBXymhrIOfULla_vuWSfZg4W9mC96ayQNfm0LsBBi2rJ3tfwlGV4QXMP6wSOc2JybOGRPWG6vKdahw==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV1fvG3KThnfkgrho22K00DOWBNNjsHbGAz2Ocb__iqZ1zMRrPkvWEZCrgywBXymhrIOfULla_vuWSfZg4W9mC96ayQNfm0LsBBi2rJ3tfwlGV4QXMP6wSOc2JybOGRPWG6vKdahw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.MAA2m1X6M44.es5.O/am=wA/d=1/rs=AJlcJMxiNz6wM3WDyhLiZav_aY4t69N9DQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mp2DnGqmWrGECagn1U-1fQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Apr 2024 20:29:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mp2DnGqmWrGECagn1U-1fQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIh6Pv-tKNbAIHlp-9xAQAxiIMbg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.kitploit.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.kitploit.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 18:30:08 GMT
x-content-type-options
nosniff
age
179934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 18:30:08 GMT
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/
78 KB
27 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: kitploit-com.disqus.com
URL: https://kitploit-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:f800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 03 Jan 2024 08:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f1c346ef88f452565cb5e3b14fa76bb6.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
age
9720830
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 21 Dec 2023 18:58:13 GMT
server
nginx
etag
"65848ac5-67d2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
SOcmovkKMdSrnxk3egHO50EsKf04i1BMO0gN87YE4FJyHKsYlMXRqQ==
expires
Thu, 02 Jan 2025 08:15:13 GMT
stat.gif
referrer.disqus.com/juggler/
43 B
339 B
Image
General
Full URL
https://referrer.disqus.com/juggler/stat.gif?event=cmp.present
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 20:29:03 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
x-xss-protection
1; mode=block
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 255E
337 B
842 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: kitploit-com.disqus.com
URL: https://kitploit-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:f800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Tue, 23 Jan 2024 20:26:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f1c346ef88f452565cb5e3b14fa76bb6.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
age
7948930
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 08 Jan 2024 22:12:55 GMT
server
nginx
etag
"659c7367-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
cBdS3ohKAXTzUj7T-BBtM2HOHFCpbA0b7p25XBkIMmFRe_GVNujMWg==
expires
Wed, 22 Jan 2025 20:26:53 GMT
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 6382
337 B
0
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: kitploit-com.disqus.com
URL: https://kitploit-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:f800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Tue, 23 Jan 2024 20:26:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f1c346ef88f452565cb5e3b14fa76bb6.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
age
7948930
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 08 Jan 2024 22:12:55 GMT
server
nginx
etag
"659c7367-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
cBdS3ohKAXTzUj7T-BBtM2HOHFCpbA0b7p25XBkIMmFRe_GVNujMWg==
expires
Wed, 22 Jan 2025 20:26:53 GMT
pixel.gif
cdn.viglink.com/images/
43 B
388 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=7.092566623652393
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-78.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:00 GMT
via
1.1 b10eef4dff0375003ae9795596a9615c.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P5
age
9
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-length
43
x-amz-cf-id
TR_-X5t1_GvAG2h-1U6dPmOC-q9qucMbPQGZ5vdYWd4eSq__VL9tfg==
pixel.gif
cdn.viglink.com/images/
43 B
387 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=7.092566623652393
Requested by
Host: www.kitploit.com
URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-78.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:29:00 GMT
via
1.1 b10eef4dff0375003ae9795596a9615c.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P5
age
9
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-length
43
x-amz-cf-id
MQfoAjei5FFAO7l2T3TzU0UnvmMIW43WRPWBAW88VUocbsQUYC2WQA==
ping
links.services.disqus.com/api/
300 B
734 B
XHR
General
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e51954042a99c7d34e44215cedeeed19da6aa64301156bacf59c52c828e9ecd9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2024 20:29:03 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.kitploit.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
300
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
links.services.disqus.com/api/
0
0

domains
links.services.disqus.com/api/
58 B
491 B
XHR
General
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
356fefe38f80ee2ae181570e534795bbbcae69d95db1c04e63254be519ecf2ab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2024 20:29:03 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.kitploit.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api/
58 B
491 B
XHR
General
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
b089430bce55e398ca56689656784b854798929e1df35b83c7cec62c15daa410

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.kitploit.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 24 Apr 2024 20:29:03 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.kitploit.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
feeds.feedburner.com
URL
https://feeds.feedburner.com/~fc/PentestTools?bg=660066&fg=FFFFFF&anim=1&label=listeners
Domain
blogger.googleusercontent.com
URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0DxE9N5GY2GnidNkFA1tXKfFrhen0NHjQ41I3Enyqmq_757LqOk1BbGrqiqxUOJ3P-kF3Mb76rDF2B1MsHiWWmTjlkDh33wQP61AYVB_TwFviv2J0wS0s_xFcLoa9b-NlT4TrI0RfSbS-pXric6RpQdk2XQORzz1W25b8zB_fz2RNVFDgx86GXLh-6HSc/w640-h282/NoArgs_7.gif
Domain
feeds.feedburner.com
URL
https://feeds.feedburner.com/~fc/PentestTools?bg=660066&fg=FFFFFF&anim=1&label=listeners
Domain
links.services.disqus.com
URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d


142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


6 Cookies

Domain/Path Name / Value
.kitploit.com/ Name: _gid
Value: GA1.2.762321915.1713990542
.kitploit.com/ Name: _gat_gtag_UA_65522301_1
Value: 1
.kitploit.com/ Name: _ga_X7ZW04TH92
Value: GS1.1.1713990542.1.0.1713990542.60.0.0
.kitploit.com/ Name: _ga
Value: GA1.1.368192752.1713990542
.disqus.com/ Name: disqus_unique
Value: 3lfsuae1h19u74
disqus.com/ Name: __jid
Value: 3lhnmch1q45or2

35 Console Messages

Source Level URL
Text
other warning URL: https://www.kitploit.com/2016/01/p0wnedshell-powershell-runspace-post.html?m=0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
