https://www.haktuts.in/2015/04/000webhost-vulnerable-to-session-hijack.html