Robot | Path | Permission |
GoogleBot | / | ✔ |
BingBot | / | ✔ |
BaiduSpider | / | ✔ |
YandexBot | / | ✔ |
Title | Mohammed |
Description | Mohammed Diaa Projects Mohammed Diaa Automate all the things Exploiting HTML-to-PDF Converters through HTML Imports Intro You’ve probably already heard ab |
Keywords | N/A |
WebSite | mhmdiaa.com |
Host IP | 104.21.75.194 |
Location | United States |
Site | Rank |
US$687,340
Last updated: 2023-05-17 10:10:18
mhmdiaa.com has Semrush global rank of 15,398,954. mhmdiaa.com has an estimated worth of US$ 687,340, based on its estimated Ads revenue. mhmdiaa.com receives approximately 79,309 unique visitors each day. Its web server is located in United States, with IP address 104.21.75.194. According to SiteAdvisor, mhmdiaa.com is safe to visit. |
Purchase/Sale Value | US$687,340 |
Daily Ads Revenue | US$635 |
Monthly Ads Revenue | US$19,035 |
Yearly Ads Revenue | US$228,409 |
Daily Unique Visitors | 5,288 |
Note: All traffic and earnings values are estimates. |
Host | Type | TTL | Data |
mhmdiaa.com. | A | 300 | IP: 104.21.75.194 |
mhmdiaa.com. | A | 300 | IP: 172.67.180.228 |
mhmdiaa.com. | AAAA | 300 | IPV6: 2606:4700:3032::6815:4bc2 |
mhmdiaa.com. | AAAA | 300 | IPV6: 2606:4700:3036::ac43:b4e4 |
mhmdiaa.com. | NS | 86400 | NS Record: mary.ns.cloudflare.com. |
mhmdiaa.com. | NS | 86400 | NS Record: tony.ns.cloudflare.com. |
mhmdiaa.com. | MX | 300 | MX Record: 10 mx1.privateemail.com. |
mhmdiaa.com. | MX | 300 | MX Record: 10 mx2.privateemail.com. |
mhmdiaa.com. | TXT | 300 | TXT Record: v=spf1 include:spf.privateemail.com ~all |
Mohammed Diaa Projects Mohammed Diaa Automate all the things Exploiting HTML-to-PDF Converters through HTML Imports Intro You’ve probably already heard about many different ways to exploit HTML-to-PDF converters and access sensitive info: you can try to <iframe> AWS’s 169.254.169.254 IP and read that sweet, sweet metadata. Didn’t work? Inject a <script> tag and use JavaScript. Filtered, too? Maybe try a <link> with a rel="attachment" property and attach a sensitive file to the PDF. No? At least use an <img> to send GET requests to internal hosts or fingerprint them using their favicons?... October 10, 2021 Blind XSS in Spotify’s Salesforce Integration This is the story of a blind XSS vulnerability that affected Spotify. It could have allowed an attacker to gain access to their customer support backend, which is built on Salesforce. First, some background. What is a “blind XSS vulnerability”? Blind XSS is a type of persistent XSS that occurs when the attacker |
HTTP/1.1 301 Moved Permanently Date: Sat, 19 Mar 2022 09:28:06 GMT Connection: keep-alive Cache-Control: max-age=3600 Expires: Sat, 19 Mar 2022 10:28:06 GMT Location: https://mhmdiaa.com/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEzpRi7Gq2fV6ZCOuf4B6W6mbvRATat7HCkaiNILa2YsrEwCa45lU9uL6yM4J4Xt8sj1k1W1L2geXIGbSoi5TvMJ1x2RazgtwVzTyEB31jSGSjzo11VpA7yzMXYjrajeFbHEVcq09GTP8A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 6ee52d12ce6a904e-FRA alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 HTTP/2 200 date: Sat, 19 Mar 2022 09:28:07 GMT content-type: text/html; charset=UTF-8 age: 1 cache-control: public, max-age=0, must-revalidate vary: Accept-Encoding x-nf-request-id: 01FYGR2T1RWNPX4EWZ9ANWK413 cf-cache-status: DYNAMIC expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyWllxymGFj6gsSk7XIEnf2fPSfBZu5PuJyfwmaZEckhsk8L2QitE6iPsTg2YRJMiEvUOxmqpZtmlTEqzHZ%2BfVEAe%2FFhX0LO4yjxvTidwRxACUP30cbEe9l%2FEib19k1BAPh6X%2B%2FsEb8v1w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 6ee52d135b0e9189-FRA alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 |
Domain Name: MHMDIAA.COM Registry Domain ID: 2267089157_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namecheap.com Registrar URL: http://www.namecheap.com Updated Date: 2021-07-26T15:15:16Z Creation Date: 2018-05-24T16:10:42Z Registry Expiry Date: 2022-05-24T16:10:42Z Registrar: NameCheap, Inc. Registrar IANA ID: 1068 Registrar Abuse Contact Email: abuse@namecheap.com Registrar Abuse Contact Phone: +1.6613102107 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: MARY.NS.CLOUDFLARE.COM Name Server: TONY.NS.CLOUDFLARE.COM DNSSEC: unsigned >>> Last update of whois database: 2022-03-19T10:28:36Z <<< |